CSAPP_FTPD_ANONYMOUS_JES
- Description:
- Checks to see whether ANONYMOUS users can submit jobs.
- Reason for check:
- When ANONYMOUS FTP is allowed on the FTP server, set ANONYMOUSLEVEL to 3 and ANONYMOUSFILETYPEJES to FALSE. Otherwise, anonymous users can submit jobs to run on the system.
- z/OS® releases the check applies to:
- z/OS V2R1 and later, with PTFs for APARs PI47637 and OA49668 applied.
- User override of IBM values:
- The following sample shows the defaults for customizable
values for this check. Use this sample to make permanent check
customizations in an HZSPRMxx parmlib member used at
IBM Health Checker for z/OS startup. If you just want a one-time
only update to the check defaults, omit the first line (ADDREPLACE POLICY)
and use the UPDATE statement on a MODIFY hzsproc command.
Note that using non-POLICY UPDATEs in HZSPRMxx can
lead to unexpected results and is therefore not recommended.
ADDREPLACE POLICY[(policyname)] [STATEMENT(name)] UPDATE CHECK(IBMCS,CSAPP_FTPD_ANONYMOUS_JES) DATE('date_of_the_change') REASON('Your reason for making the update.') ACTIVE SEVERITY(MEDIUM) INTERVAL(ONETIME)
- Debug support:
- No
- Verbose support:
- No
- Parameters accepted:
- No
- Reference:
- For more information on ANONYMOUS, ANONYMOUSLEVEL and ANONYMOUSFILETYPEJES, see the following
topics in z/OS Communications Server: IP Configuration Reference.
- The ANONYMOUS (FTP server) statement
- The ANONYMOUSLEVEL (FTP server) statement
- The ANONYMOUSFILETYPEJES (FTP server) statement
- Messages:
- This check issues the following exception messages:
- ISTH021E
- SECLABEL recommended for multilevel security users:
- SYSLOW - see z/OS Planning for Multilevel Security and the Common Criteria for information on using SECLABELs.