Security considerations with DDM
DDM uses the QUSER profile by default when another machine accesses files. This is a potential security issue, because data can then be read and written by what is effectively an anonymous user.
On the AS/400, DDM is used by creating a DDM file with the CRTDDMF command and using the RMTFILE parameter fields to point to a valid file on the remote server. The RMTLOCNAME parameter can point either to a SNA/APPN node or to an IP host name.
- APPN/APPC is enabled by default on OS/400. As soon as an APPN adjacency has been configured between any two machines, DDM can be used. It is an APPC service that is started on demand by a requesting APPC client. Given the usually limited reach of SNA networks today, and the need for prior APPN configuration steps, the chance of a truly anonymous attacker abusing this capability is low.
- If you don't need DDM functionality over TCP/IP transport, simply ENDTCPSVR SERVER(*DDM), and make sure you disable autostart (CHGDDMTCPA AUTOSTART(*NO)).
- If you need DDM functionality over TCP/IP transport, make sure you set PWDRQD at least to *YES, better to *ENCRYPTED.
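The following CL program is an added example, not code from the original page. It puts the two configuration choices above side by side: the first block turns DDM over TCP/IP off and keeps it off, and the commented-out alternative keeps the server but requires an encrypted password from every incoming connection. It also shows the CRTDDMF/RMTFILE/RMTLOCNAME mapping described earlier, so the reader can see what a DDM client file that reaches over TCP/IP looks like. The program name DDMHARDEN, the libraries MYLIB and RMTLIB, the file FILEA and the host name REMOTEHOST are placeholders; the CRTDDMF command is included for illustration of the client side and is not needed on a system you are only hardening.

```cl
/* DDMHARDEN: added example, not from the original page.               */
/* Placeholders: MYLIB, RMTLIB, FILEA, REMOTEHOST.                      */
PGM

  /* Choice 1: DDM over TCP/IP is not needed.                           */
  /* Stop the DDM TCP/IP server if it is running. MONMSG CPF0000 keeps  */
  /* the program going when ENDTCPSVR fails because the server was      */
  /* already inactive.                                                  */
  ENDTCPSVR SERVER(*DDM)
  MONMSG MSGID(CPF0000)

  /* Make sure STRTCP / IPL does not bring the server back.             */
  CHGDDMTCPA AUTOSTART(*NO)

  /* Choice 2 (alternative, remove the comment markers to use it):      */
  /* DDM over TCP/IP is required, so keep the server but refuse any     */
  /* connection that does not present an encrypted password. *YES is   */
  /* the minimum; *ENCRYPTED avoids sending the password in the clear.  */
  /* CHGDDMTCPA AUTOSTART(*YES) PWDRQD(*ENCRYPTED)                      */
  /* STRTCPSVR SERVER(*DDM)                                             */

  /* Client side, for illustration only: a DDM file in MYLIB that maps  */
  /* to RMTLIB/FILEA on REMOTEHOST over TCP/IP (*IP). Any program that  */
  /* opens MYLIB/FILEA here reads and writes the remote file, using     */
  /* whatever credentials the remote DDM server accepts, which is the   */
  /* QUSER default unless PWDRQD has been set there.                    */
  /* CRTDDMF FILE(MYLIB/FILEA) RMTFILE(RMTLIB/FILEA) +                  */
  /*         RMTLOCNAME('REMOTEHOST' *IP)                               */

ENDPGM
```

Compile with CRTCLPGM and run it from a profile that is allowed to change TCP/IP attributes. Note that CHGDDMTCPA sets attributes for this system as a DDM server; the client-side DDM file shows why the setting matters, since the remote system's DDM file will reach this machine with the QUSER default until PWDRQD is raised here.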