× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



Dan did you ever get the mailto to work withen java...

If not, this should work...

c*                  eval      data = 'notepad.exe'

c*                  eval      len = 500

 /free

   data = 'cmd /c start mailto:somebody@xxxxxxxxxxxxx?subject=something';

   len = 500;

 /end-free

 

c                   eval      key = 'xxx.xx.21.95'

c                   eval      keyln=20


tim

-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx
[mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Dan
Sent: Thursday, October 27, 2005 2:24 PM
To: Midrange Systems Technical Discussion
Subject: Re: Questions on "Calling PC Commands from RPG" article

On 10/27/05, Scott Klement <midrange-l@xxxxxxxxxxxxxxxx> wrote:
>
> > Case on password is important.
> > Didn't find any error log when PC command failed for any reason.
>
> RUNRMTCMD creates a spooled file that contains any output (including
> errors) from the PC command.


Found it! Good to know!

> 'start notepad' works, but 'start notepad.exe' does weird stuff.
> > Have to find out if RMTUSER & RMTPWD can be omitted (usage to be
> confined
> > within a user application issuing the RUNRMTCMD; if the user is 
> > running
> the
> > application, the RUNRMTCMD is valid for the user.)
>
> There's no way the Windows server can know if the iSeries user is 
> running a particular application. Remember, securing the client-side 
> of the connection doesn't really help you. Anyone (unless blocked by a 
> firewall) can run commands on the incoming remote command service from
anywhere.
>
> A Windows or Unix user can use the rexec command, which is similar to 
> the RUNRMTCMD command to execute commands on the Windows PC. Indeed, 
> even from the iSeries, you could use rexec in QShell, or the rexec() 
> API from an application. Or if they can't do any of that, they can 
> always write their own rexec program.
>
> The only thing keeping it relatively secure is that they have to 
> supply a valid userid/password. Think carefully before you remove that 
> restriction!


Obviously good points. I guess I see the beauty of the security in the Java
solution. It takes commands only from an iSeries data queue which, I
believe, can be locked down fairly securely. Locked down as in it's possible
to restrict who can send a DQE and perhaps even restrict the application(s)
that can do it. Please someone tell me if I'm wrong on that.

On the rexec side of the security equation, it seems less clear to me. I
know I've seen warnings about this in the past, but I've never pursued it
much prior to yesterday.

- Dan

-
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe,
or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a
moment to review the archives at http://archive.midrange.com/midrange-l.


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.