Manualshelf

Is your e3000 Environment Secure? Homestead security

ManualsBrandsHP ManualsSoftwareMPE/iX 6.0 Operating System
61626364656667686970
page 69April 24, 2003
Is Your Homestead Secure? - Solution Symposium West
FTP - be aware of FTPSRVR's "site stream"
command
Allows remote users to stream batch jobs
Users with CAP=BA,SF could upload new batch jobs to
/tmp or other writable directories and then stream those
jobs
Defeats the use of "OPTION LOGON,NOBREAK" if
such UDCs do not also restrict batch jobs
A future version of FTPSRVR will likely add a new
parameter to SETPARMS.ARPA.SYS to globally enable
or disable "site stream"
Vesoft's Security/3000 product can also control the use
of "site stream"