MIDRANGE dot COM Mailing List Archive



Home » MIDRANGE-L » September 2002

Re: PWRDWNSYS - Trivia



fixed

> If a user were to take the PWRDWNSYS command from a command line, just
smack
> enter to take defaults (controlled/30 minutes I think) - is there ANY way
to
> cancel that, or does it have to do its thing all the way through?
>
> No pending emergency here mind you, just curious.
>

I have worked in a couple of shops where users were NOT secured from
executing this command, and in both shops a user was able to negotiate to
the menu and select the PWRDWNSYS command and execute it.  As the other
postings have indicated, once it has started, the only way to handle it is
to get everyone off the system and let it power down, then start it up
again.

However, this has led me to make the following recommendations to all of my
clients.  The security for the following commands should be restricted to
the system administrator or QSECOFR, with *PUBLIC having *EXCLUDE authority:

PWRDWNSYS
ENDSYS
ENDSBS
ENDJOB
HLDJOBQ
HLDSBS

(and generally any of the HLD* or END* commands)

Of course, many of the user profiles should already be restricted from
executing any of these commands by virtue of the way that their user
profiles should have been created, but the security for these commands
should be reviewed to determine if there is any exposure.







Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2014 by MIDRANGE dot COM and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available here. If you have questions about this, please contact