|
The thing to remember is that the command run by STRPCCMD runs under the same user profile as the user currently signed on to the PC. So anything sent by STRPCCMD can't do any more damage than the user could be doing a "Start"-->"Run". If the user should be able to start a REXEC client, then they shouldn't be allowed to start a REXEC client using any means. Now I suppose, one could theorize that a "bad" iSeries user could put STRPCCMD in a CL or other HHL program such that the command is inadvertently used by a PC user with Admin Privileges to his/her PC or the entire Network. Let's disregard the fact that it is well known that you shouldn't be using a PC Admin profile for regular work and that having a 5250 session to the iSeries would probably be considered regular work. So our theorical "bad" iSeries person would have to be someone with enough iSeries authority to 1) Create programs 2) Put them someplace where another user could/would call them. Given those requirements, I'd say the "bad" iSeries persons ability to run commands on your PC is the least of your worries. The only place this might be viable exploit is in larger shops that have a distinct separation between iSeries Admins and PC/Network Admins. As an iSeries Admin I could set something up so that when the PC Admin signed onto the iSeries STRPCCMD would be used to give myself Admin privileges to the network. Of course, with such a distinct separation between PC/iSeries why would the PC guy be signing onto the iSeries? Particularly with while signed onto his PC with his admin profile? Charles Wilt iSeries Systems Administrator / Developer Mitsubishi Electric Automotive America ph: 513-573-4343 fax: 513-398-1121 > -----Original Message----- > From: midrange-l-bounces@xxxxxxxxxxxx > [mailto:midrange-l-bounces@xxxxxxxxxxxx]On Behalf Of Steve Richter > Sent: Monday, April 25, 2005 2:05 PM > To: Midrange Systems Technical Discussion > Subject: Re: Re: Recent bugtraq postings > > > On 4/25/05, Patrick Botz <pcbotz@xxxxxxxxx> wrote: > > These are my opinions only. They do not necessarily reflect > the opinions of > > my employer... > > > > Just a couple examples of inaccuracies > > > > > > 2. Claim: OS400 has a security exposure because a bad > person could > > use commands on OS400 to do bad things on Windows. > > Implication: OS400 causes the exposure. > > Clarification: The fact that you can use information from > a connection > > established by windows to perform windows commands > unrelated to the > > connection is not an exposure of another system that > "COULD" take advantage > > of it. It is a windows exposure. It's something that > needs to be managed or > > fixed in Windows. > > what is unclear to me is if client access, an IBM software product, is > set by default to allow STRPCCMD to start a service like REXEC on a > PC. If so, then that is a case of IBM software contributing to the > security exposure of a network. is that correct? > > Would still like to know if a PC user account, compared to super user > and administrator, can do any harm on a PC. > > -Steve > > -- > This is the Midrange Systems Technical Discussion > (MIDRANGE-L) mailing list > To post a message email: MIDRANGE-L@xxxxxxxxxxxx > To subscribe, unsubscribe, or change list options, > visit: http://lists.midrange.com/mailman/listinfo/midrange-l > or email: MIDRANGE-L-request@xxxxxxxxxxxx > Before posting, please take a moment to review the archives > at http://archive.midrange.com/midrange-l. > >
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.