

OPSRMT and OPSCMD TSO Commands

OPSRMT and OPSCMD can issue commands that bypass authority level checking. When OPSRMT or OPSCMD issues a cross-system command, the command eventually executes on the remote system using the authority levels assigned to the CA OPS/MVS address space.

This same problem can arise when OPSRMT or OPSCMD is invoked with the name of the local system. The command executes in the CA OPS/MVS address space of the local system and will be checked by your security system against the authority level of the CA OPS/MVS address space.

In general, OPSRMT executes the TSO command on the target system using the same security that the issuing user would have after manually logging on to TSO on the target system and issuing the TSO command from a session. Specifically, before each command executes on the target system, CA OPS/MVS sets up the RACF, CA Top Secret, or CA ACF2 environment to ensure that the security products use the security clearance of the issuing user.

The security system on the target system must know the user ID of the user issuing a remote command and the user must have the same user ID on the target system. If this is not the case, a user can bypass security checks (and password checking of user IDs).

For example, suppose that user ID ABC is known on two MSF systems (called SYS1 and SYS2) but the user ID belongs to user X on SYS1 and user Y on SYS2. User X can log on to system SYS1 and issue an OPSRMT command to SYS2. The command will execute on the SYS2 system using the security clearance of user Y, without user X ever knowing the password of user Y.
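The following audit is an added example, not part of the CA OPS/MVS documentation. It checks an inventory of user IDs across MSF systems for the two conditions described above: a user ID that belongs to different people on two systems, and a user ID that is not defined on a target system. The CSV layout, the function names, and the sample rows are assumptions constructed for this example; the real input would come from the user listing of your security product on each system.

```python
import csv
import io
from collections import defaultdict
from itertools import permutations

# Constructed sample: one row per user ID defined to the security product on
# each MSF-connected system. The CSV layout is an assumption for this example.
SAMPLE_INVENTORY = """\
system,userid,owner
SYS1,ABC,User X
SYS2,ABC,User Y
SYS1,OPER1,J. Smith
SYS2,OPER1,j. smith
SYS1,DEV7,R. Jones
"""

def load_inventory(text):
    """Return {system: {userid: owner}} with case and spacing normalized."""
    inventory = defaultdict(dict)
    for row in csv.DictReader(io.StringIO(text)):
        owner = " ".join(row["owner"].split()).casefold()
        system = row["system"].strip().upper()
        inventory[system][row["userid"].strip().upper()] = owner
    return inventory

def audit(inventory):
    """Check every (issuing, target) system pair for unsafe user ID mappings."""
    findings = []
    for issuing, target in permutations(sorted(inventory), 2):
        for userid, owner in sorted(inventory[issuing].items()):
            target_owner = inventory[target].get(userid)
            if target_owner is None:
                # The issuing user has no matching user ID on the target.
                findings.append(("MISSING_ON_TARGET", issuing, target, userid))
            elif target_owner != owner and issuing < target:
                # Same user ID, different person; reported once per pair.
                findings.append(("OWNER_MISMATCH", issuing, target, userid))
    return findings

if __name__ == "__main__":
    for kind, issuing, target, userid in audit(load_inventory(SAMPLE_INVENTORY)):
        print(f"{kind:18} {userid:8} issuing={issuing} target={target}")
```

An OWNER_MISMATCH finding applies in both directions between the two systems, so each one needs resolving before either system accepts OPSRMT commands from the other.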

You can install additional security beyond that available for your security package using any of these methods: