On Tue, 20 Mar 2012 13:25:09 -0500, Kirk Wolf wrote: >I can agree that OMVS segments should usually have their own directory. > It would be possible to have them share a common directory, but in that >case you would usually want to make it ready only, which would prevent some >z/OS Unix stuff from working but not, AFAIK, FTP. > >But in order to have complete control over FTP access, you may want to >implement a FTCHKCMD exit. See the z/OS Comm Server documentation for >details; a sample is provided by IBM. > Where's "chroot" when you need it?
>On Tue, Mar 20, 2012 at 1:01 PM, Bruce Wheatley wrote: > >> We have numerous external clients and on occasion have found that >> depending on what product they use for FTP, their file transfer may in some >> fashion refer to our root directory or potentially the file transfer client >> being used defaults to a root directory. >> "In some fashion" may mean the conventional command, "cd /". The customary way to sequester this is to "chroot" after forking the child. >> In order to prevent such access were planning to change each userids >> OMVS segment to have a HOME directory of: /u/userid. (Currently we just use >> / .) >> <GASP!/> -- gil ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
