This article provides recommendations for securing the REXEC server.
Following are considerations when you choose to run the Remote EXECution
server on your system:
- An REXCD request includes a user ID, a password, and the command to run.
Normal server authentication and authority checking applies:
- The user profile and password combination must be valid.
- The system enforces the Limit capabilities (LMTCPB) value for the user
profile.
- The user must be authorized to the command and to all of the resources
that the command uses.
- The REXEC server provides exit points similar to the exit points that
are available for the FTP server. You can use the Validation exit point to
evaluate the command and decide whether to allow it.
- When you choose to run the REXEC server, you are running
outside any menu access control that you have on your system. You must ensure
that your object authority scheme is adequate to protect your resources.