Subject: | |
From: | |
Reply To: | Stigers, Greg ~ AND |
Date: | Mon, 24 Aug 1998 14:11:40 -0400 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
The NT ftp server does not allow for remote shell commands via the SITE
command; the NT ftp SITE command is limited to CKM, DIRSTYLE, HELP, and
STATS. Perhaps third-party servers do more.
You probably know that we now have rsh on MPE. The ResKit includes a
rshsvc, that you can use for remote shell functions, although MS advises
against it for security reasons. As such, this should be thought thru
carefully. A typical approach is to allow access to a single directory,
containing just the data file as rw only, and the cmd or bat file as
execute only. I would use two different ids for the two services, so the
ftp id cannot access the bat, and the rsh id cannot access the data, but
some would consider that approach overly careful to the point of
paranoid. OTOH, it might keep the auditors quiet.
|
|
|