View previous topic :: View next topic
|
Author |
Message |
t5590ag
Active User
Joined: 21 May 2009 Posts: 139 Location: United States
|
|
|
|
All,
i have a following PERL SCRIPT which looks like -
Code: |
//STEP015 EXEC PGM=REXEC, TIME=NOLIMIT,
// PARM='/-l aaaaaa -p log001 111.1.111.222 updInspct.pl INSPCT'
//SYSTCPD DD DSN=SYS1.TCPPARMS(TCPDATA),DISP=SHR
//SYSPRINT DD SYSOUT=*
//* |
is there a way i can put it in a dataset(protect it) so that its not hard coded like this and pass that dataset as sysin to this utility. |
|
Back to top |
|
|
enrico-sorichetti
Superior Member
Joined: 14 Mar 2007 Posts: 10873 Location: italy
|
|
|
|
what You posted is just plain ole JCL |
|
Back to top |
|
|
Robert Sample
Global Moderator
Joined: 06 Jun 2008 Posts: 8696 Location: Dubuque, Iowa, USA
|
|
|
|
Look at NETRC in the Communciations Server bookshelf; NETRC works with REXEC and will provide you the protection you are wanting (if you get your security group to secure the NETRC data set).
And as Enrico said, what you posted is NOT a Perl script; it is JCL that executes something (which could be a Perl script) on a remote machine. |
|
Back to top |
|
|
t5590ag
Active User
Joined: 21 May 2009 Posts: 139 Location: United States
|
|
|
|
Thanks a lot Rob/Enrico, for checking it out. I found resolution most likely by using the NETRC dataset as Rob suggested to protect the user id and pw. |
|
Back to top |
|
|
Anuj Dhawan
Superior Member
Joined: 22 Apr 2006 Posts: 6250 Location: Mumbai, India
|
|
|
|
I got a similar request by one of my known as well, some time back. Though they talked about hiding IP/password from JCL itself... . If you want to hide IP and password from JCL, possibly a stupid trick can be as follows:
Code: |
// JCLLIB ORDER=HLQ.PARAMTER.JCL
//*
// INCLUDE MEMBER=HIDEIT
//*
//STEP015 EXEC PGM=REXEC,TIME=NOLIMIT,
// PARM='&PRM1'
//*
//SYSTCPD DD DSN=SYS1.TCPPARMS(TCPDATA),DISP=SHR
//SYSPRINT DD SYSOUT=*
//* |
and HIDEIT will have
Code: |
// SET PRM='/-l aaaaaa -p log001 111.1.111.222 updInspct.pl INSPCT'
|
However, using all this if we manage to "hide" this data in the source, it would be visible to anyone with access to the job queue. The ideal solution to use the NETRC facility, as Robert has said. This will allow us to use the NETRC data file which can be secured. However, that will require one to talk to site support group and have the site security person secure it as required. Depending upon where the FTP is going, the security may be fairly loose or very restrictive but that’s whatyou should be doing. |
|
Back to top |
|
|
|