× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  • Subject: Re: FTP server authority issue
  • From: Rob Berendt <rob@xxxxxxxxx>
  • Date: Thu, 15 Oct 1998 16:08:18 -0500

Tim,

I agree with Pat that IBM likes to qualify their command names 
with QSYS.

Pat,
Can your product actually address Tim's problem?  Can it take an 
incoming command; and qualify it with a library name, NEWSYS?  We 
use our inhouse FTP program that we downloaded off of IBM's web 
site and modified for our purposes.  This kind of flexibility is 
what I like about in house programs.




townsend@patownsend.com on 10/15/98 03:08:30 PM
Please respond to MIDRANGE-L@midrange.com@Internet
To:     MIDRANGE-L@midrange.com@Internet
cc:      

Subject:        Re: FTP server authority issue

Hi Tim,

It is quite common for IBM to qualify command usage to point to the QSYS
library. Just look at the source for QSTRUPPGM as an example. It would
probably take an IBM'er to really answer this question. I would suspect
that the proper way to secure FTP is with the exit points. Gee, who do
we know who has an FTP security product <g> ???

Patrick
-- 
IBM AS/400 communications, FTP automation, and network security
software and consulting services.

mailto:townsend@patownsend.com
http://www.patownsend.com

Tim McCarthy wrote:
> 
> Can anyone verify this:
> 
> A customer is running the OS/400 FTP server under V4R2. They have a
> modified system library list that has a user library NEWSYS prior to QSYS
> in which they have created versions of IBM commands - one of which is
> CRTPF. All users have had authority revoked to the original commands in QSYS.
> When running an FTP session, users authorized to the new CRTPF command can
> run the command QUOTE RCMD CRTPF QGPL/myfile etc.. successfully. However
> when they try to use PUT to send to the file QGPL/myfile (which does not
> exist) they get an error "Unable to open or create target file MYFILE in
> library QGPL". I've checked out the FTP server job log and the library list
> does include NEWSYS in the library list ahead of QSYS. Interestingly the
> server joblog error states "Not authorized to command CRTPF in library
> QSYS". Has the FTP server program changed to use the CRTPF command in QSYS
> explicitely? If so, this would seem to be a security hole.
> 
> Tim
> Tim McCarthy
> TrailBlazer Systems Inc.
> AS/400 E-Commerce communications
> +---
> | This is the Midrange System Mailing List!
> | To submit a new message, send your mail to MIDRANGE-L@midrange.com.
> | To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
> | To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
> | Questions should be directed to the list owner/operator: david@midrange.com
> +---
+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---


+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.