Using any of these commands is a PCI security auditors worst nightmare. You might want to consider alternative options to using these commands, we had to turn them all off after a security audit.

-----Original Message-----
From: Monnier, Gary [mailto:Gary.Monnier@xxxxxxxxx]
Sent: Wednesday, May 16, 2012 3:25 PM
To: Midrange Systems Technical Discussion
Subject: RE: RMTCMD's security?

You may also want to restrict commands AREXEC and RUNRMTCMD use as well.

Gary Monnier


-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of fbocch2595@xxxxxxx
Sent: Wednesday, May 16, 2012 1:22 PM
To: midrange-l@xxxxxxxxxxxx
Subject: Re: RMTCMD's security?

Right, so I figured making SBMRMTCMD public *exclude should put an end to anyone using it.



-----Original Message-----
From: Monnier, Gary <Gary.Monnier@xxxxxxxxx>
To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx>
Sent: Wed, May 16, 2012 4:19 pm
Subject: RE: RMTCMD's security?


It depends upon you have your commands secured. Would you give the person ccess to a command line? Would you want them running PWRDWNSYS, DLTF, DLTPGM, tc.?
With the way IBM has set up servers you can run SBMRMTCMD on your test box. All ou do is create the DDM file so it points to your test system then run BMRMTCMD.
Gary Monnier
-----Original Message-----
rom: midrange-l-bounces@xxxxxxxxxxxx [mailto:midrange-l-bounces@xxxxxxxxxxxx]
n Behalf Of fbocch2595@xxxxxxx
ent: Wednesday, May 16, 2012 1:11 PM
o: midrange-l@xxxxxxxxxxxx
ubject: RMTCMD's security?

i Folks, are many of you securing these commands, SBMRMTCMD, etc. so as to hange from the default of *USE for public? Do you see a risk in your users sing RMTCMD's from a test i to a production i?
hanks, Frank


-
his is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To ost a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or hange list options,
isit: http://lists.midrange.com/mailman/listinfo/midrange-l
r email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment o review the archives at http://archive.midrange.com/midrange-l.
--
his is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list o post a message email: MIDRANGE-L@xxxxxxxxxxxx o subscribe, unsubscribe, or change list options,
isit: http://lists.midrange.com/mailman/listinfo/midrange-l
r email: MIDRANGE-L-request@xxxxxxxxxxxx efore posting, please take a moment to review the archives t http://archive.midrange.com/midrange-l.


This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2019 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].