RE: AS400 Command Line Access -- MIDRANGE-L

× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.

Sorry, I meant ALWLMTUSR, not LMTCPB. And I assumed you implied that LMTCPB
was set for the user (which you didn't do). LMTCPB is a profile attribute,
ALWLMTUSR is a command attribute. I would, at a minimum, set Limit
Capabilities on the profile, but do keep in mind the caveat below and don't
trust that as your "simple security measure."

Dennis Lovelady
http://www.linkedin.com/in/dennislovelady
--
Change is inevitable, except from a vending machine.

Absolutely. He can run any IBM-supplied or user-written command that
has LMTCPB(*NO) specified. Adding fuel to the fire, if he has
authority to CRTCMD, he can create new commands that have LMTCPB(*NO)
specified, and within the CPP for those commands can do pretty much
anything within his authority limits.

Dennis Lovelady
http://www.linkedin.com/in/dennislovelady
--
He who laughs last, thinks slowest.

A user has command line access on AS400 but he does not have any
special authority on his profile.Is there any risk which the user can
pose to the system.Can he run any dangerous commands or any programs
which may do some activities.

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.