Securing the REXEC server

Use these recommendations for securing the REXEC server.

Considerations for running the REXEC server on your system:
  • An REXCD request includes a user ID, a password, and the command to run. Normal server authentication and authority checking applies:
    • The user profile and password combination must be valid.
    • The system enforces the Limit capabilities (LMTCPB) value for the user profile.
    • The user must be authorized to the command and to all of the resources that the command uses.
  • The REXEC server provides exit points similar to the exit points that are available for the FTP server. You can use the Validation exit point to evaluate the command and decide whether to allow it.
  • When you choose to run the REXEC server, you are running outside any menu access control that you have on your system. You must ensure that your object authority scheme is adequate to protect your resources.