Running MAKEUSER Securely

Security Risks

Even when security-administrator status is enabled, the following three features remain available and could result in unintended alterations to the USERDATAFILE:

  • DEFAULTDEFINES files

  • The INPUT option

  • File-equating an external file to CARD

The potential for misuse arises because:

  • The data is stored in an external file.

  • When MAKEUSER is executed, it reads that file and alters the USERDATAFILE.

  • Any privileged user can gain access to these external files and alter them.

For maximum protection of the USERDATAFILE, run your system with security-administrator status enabled and do not permit the use of any external files as input to a MAKEUSER run.

Security Recommendations

To avoid all use of external files as input to MAKEUSER, take the following precautions:

  1. Run MAKEUSER only in interactive mode.

  2. In the MAKEUSER RUN statement, do not equate any external file to CARD.

  3. Once MAKEUSER is running, if a DEFAULTDEFINES file is present, the following message appears:

    DEFAULTDEFINES FILE WILL BE USED, OK TO CONTINUE

    If this message appears, enter ?DS to end the MAKEUSER session. If the message does not appear, continue the session.

  4. Do not use the INPUT option.

If an unintended DEFAULTDEFINES file is present:

  1. List the file DEFAULTDEFINES and try to determine what kind of security threat it represents.

  2. Attempt to determine who placed the DEFAULTDEFINES file under your usercode. Take the following steps:

    1. In CANDE, enter LFILES DEFAULTDEFINES to obtain the creation date of the file titled DEFAULTDEFINES.

    2. Run LOGANALYZER designating the log file that contains records from the time the file DEFAULTDEFINES was created. Specify the LOGANALYZER FILE option to return all file-creation log records.

    3. Inspect the LOGANALYZER report for the DEFAULTDEFINES creation record. This record lists the usercode of the user who created the file.

  3. When you have completed your examination of the DEFAULTDEFINES file, remove it.

If you want to use a DEFAULTDEFINES file despite the security risks involved, respond to the MAKEUSER message with the AX (Accept) system command as follows:

<mix number> AX OK

Enter the mix number of the MAKEUSER task in place of <mix number>.

Refer to the MCP Security Overview and Implementation Guide for suggestions about how to generate a disk file of a LOGANALYZER report that can be searched with the FIND command in CANDE.

DEFAULTDEFINES files, the INPUT option, and file-equating CARD are described more fully later in this section.