Adding security to FTP and the QUOTE RCMD command

This tip shows you how to overcome security problems with FTP and the QUOTE RCMD command.

Jim Townsend

Published: 19 Jul 2001

For security reasons all of our files /commands etc. have the authority of *PUBLIC = *EXCLUDE.

This can cause a problem when using FTP, often you wish that the person sending or receiving the file would also execute a command.

What we have done is set up a command on the AS/400 that will submit a job on the job scheduler. The job on the job scheduler will then submit the command under a generic user profile that has authority to all the commands and files.

The FTP user submits a command such as: QUOTE RCMD CLRMYFILE.

The command on the AS/400 will execute a CL program CLRMYFILE, which will submit a job from the job scheduler, which will clear a file after it has been picked up by the user.

The CL will look like this:

             PGM
    SBMJOBJS   JOB(CLRMYFILE) TIME(*IMMED)  +
                  LOG(4 00 *SECLVL) LOGCLPGM(*YES)

            RETURN
            ENDPGM

On the job scheduler you would create the job entry and enter the CLRPFM command for the file the user needs to clear.

Use option 2 and page down until you see this screen and enter the user ID that you want the job to run under.

 
   -------------------------Submission Information--------------------- 
                                                                                
   Job description  . . . . . . .   *USRPRF       Name, *USRPRF, *JOBCTL        
     Library  . . . . . . . . . .                 Name, *LIBL, *CURLIB          
   Job queue  . . . . . . . . . .   *JOBCTL       Name, *JOBD, *JOBCTL          
     Library  . . . . . . . . . .                 Name, *LIBL, *CURLIB          
   Job priority (on JOBQ) . . . .   *JOBCTL       1-9, *JOBD, *JOBCTL           
   Output priority (on OUTQ)  . .   *JOBCTL       1-9, *JOBD, *JOBCTL           
   Print device . . . . . . . . .   *JOBCTL       Name, *USRPRF, *SYSVAL...     
   Output queue . . . . . . . . .   *JOBCTL       Name, *JOBD, *USRPRF, *DEV... 
     Library  . . . . . . . . . .                 Name, *LIBL, *CURLIB          
   User . . . . . . . . . . . . .   GENERIC       Name, *JOBD, *CURRENT...      
   Print text . . . . . . . . . .   *JOBCTL                                     
   Routing data . . . . . . . . .   *JOBCTL

This way the user can only clear the file you want him/her to clear.

We also use this method to submit job processing after a user has sent us as file such as updates to a table. This way we do not need trigger files or never ending programs. When we get the file it is processed.

You have to make sure that when using this security you grant authority for the user to the library, the file and the command.

System i FTP: Fast guide to Redbooks and articles

Adding security to FTP and the QUOTE RCMD command

This tip shows you how to overcome security problems with FTP and the QUOTE RCMD command.

Dig Deeper on FTP

How to view source files in the library

SAVF by FTP on AS/400 -- error "source file not found"

Transferring binary files to IFS from a PC via FTP

How to FTP without knowing the file name

System i FTP: Fast guide to Redbooks and articles

How to view source files in the library

SAVF by FTP on AS/400 -- error "source file not found"

Transferring binary files to IFS from a PC via FTP

How to FTP without knowing the file name

Start the conversation

0 comments

Please create a username to comment.

-ADS BY GOOGLE

SearchDataCenter

Improve server rack physical security with ISO standards

Essential private cloud migration steps

IBM quantum computers' usefulness in sight -- using binoculars

Related Resources

Dig Deeper on FTP

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.