ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzamv_5.4.0.1/rzamvtcpsecrexec.htm

56 lines
3.2 KiB
HTML
Raw Permalink Normal View History

2024-04-02 14:02:31 +00:00
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="Secure the REXEC server" />
<meta name="abstract" content="This article provides recommendations for securing the REXEC server." />
<meta name="description" content="This article provides recommendations for securing the REXEC server." />
<meta name="DC.Relation" scheme="URI" content="rzamvtcprexec.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="tcpsecrexec" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Secure the REXEC server</title>
</head>
<body id="tcpsecrexec"><a name="tcpsecrexec"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Secure the REXEC server</h1>
<div><p>This article provides recommendations for securing the REXEC server.</p>
<div class="p">Following are considerations when you choose to run the Remote EXECution
server on your system: <ul><li>An REXCD request includes a user ID, a password, and the command to run.
Normal server authentication and authority checking applies: <ul><li>The user profile and password combination must be valid.</li>
<li>The system enforces the Limit capabilities (LMTCPB) value for the user
profile.</li>
<li>The user must be authorized to the command and to all of the resources
that the command uses.</li>
</ul>
</li>
<li>The REXEC server provides exit points similar to the exit points that
are available for the FTP server. You can use the Validation exit point to
evaluate the command and decide whether to allow it.</li>
<li>When you choose to run the REXEC server, you are running
outside any menu access control that you have on your system. You must ensure
that your object authority scheme is adequate to protect your resources.</li>
</ul>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzamvtcprexec.htm" title="These articles discuss methods for securing the REXEC server for authorized users and preventing access to the REXEC server.">Security considerations for using REXEC server</a></div>
</div>
</div>
</body>
</html>