RE: Limit user threat -- MIDRANGE-L

Good News Everybody!

The new search engine is LIVE!

Please report any problems to david (at) midrange.com.

Subject: RE: Limit user threat
From: Justin Taylor <JUSTIN@xxxxxxxxxxxxx>
Date: Tue, 7 Aug 2018 17:13:12 +0000
List-archive: <https://archive.midrange.com/midrange-l/>
List-help: <mailto:midrange-l-request@midrange.com?subject=help>
List-id: Midrange Systems Technical Discussion <midrange-l.midrange.com>
List-post: <mailto:midrange-l@midrange.com>
List-subscribe: <https://lists.midrange.com/mailman/listinfo/midrange-l>, <mailto:midrange-l-request@midrange.com?subject=subscribe>
List-unsubscribe: <https://lists.midrange.com/mailman/options/midrange-l>, <mailto:midrange-l-request@midrange.com?subject=unsubscribe>

I was anticipating a grand debate about changing the user profile, and I expected to need some damning evidence to make my case. It turned out to be an open-and-shut case.

Thanks guys

-----Original Message-----
From: Rob Berendt [mailto:rob@xxxxxxxxx]
Sent: Tuesday, August 07, 2018 8:08 AM
To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx>
Subject: RE: Limit user threat

We weren't talking about trying to issue SBMJOB from a 5250 session. For example CRTUSRPRF USRPRF(DUMMY) PASSWORD() LMTCPB(*YES)

Run sql scripts
DISCONNECT ALL;
CONNECT RESET;
CONNECT TO GDISYS USER DUMMY USING 'DUMMY';
CL: SBMJOB CMD(DSPJOB OUTPUT(*PRINT));

Works fine.

I remember you said you used an exit point to control ftp and odbc but we suspect there are always others.

Rob Berendt

This mailing list archive is Copyright 1997-2026 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.