Start of change

CSAPP_FTPD_ANONYMOUS_JES

Description:
Checks to see whether ANONYMOUS users can submit jobs.
Reason for check:
When ANONYMOUS FTP is allowed on the FTP server, set ANONYMOUSLEVEL to 3 and ANONYMOUSFILETYPEJES to FALSE. Otherwise, anonymous users can submit jobs to run on the system.
z/OS® releases the check applies to:
Start of changez/OS V2R1 and later, with PTFs for APARs PI47637 and OA49668 applied.End of change
User override of IBM values:
Start of changeThe following sample shows the defaults for customizable values for this check. Use this sample to make permanent check customizations in an HZSPRMxx parmlib member used at IBM Health Checker for z/OS startup. If you just want a one-time only update to the check defaults, omit the first line (ADDREPLACE POLICY) and use the UPDATE statement on a MODIFY hzsproc command. Note that using non-POLICY UPDATEs in HZSPRMxx can lead to unexpected results and is therefore not recommended.End of change
Start of changeADDREPLACE POLICY[(policyname)] [STATEMENT(name)]End of change
UPDATE
CHECK(IBMCS,CSAPP_FTPD_ANONYMOUS_JES)
DATE('date_of_the_change')
REASON('Your reason for making the update.')
ACTIVE
SEVERITY(MEDIUM)
INTERVAL(ONETIME)
Debug support:
No
Verbose support:
No
Parameters accepted:
No
Reference:
For more information on ANONYMOUS, ANONYMOUSLEVEL and ANONYMOUSFILETYPEJES, see the following topics in z/OS Communications Server: IP Configuration Reference.
  • The ANONYMOUS (FTP server) statement
  • The ANONYMOUSLEVEL (FTP server) statement
  • The ANONYMOUSFILETYPEJES (FTP server) statement
Messages:
This check issues the following exception messages:
  • ISTH021E
See z/OS Communications Server: SNA Messages.
SECLABEL recommended for multilevel security users:
SYSLOW - see z/OS Planning for Multilevel Security and the Common Criteria for information on using SECLABELs.
Parent topic: Communications Server checks (IBMCS)
End of change