The HOSTSRESTRICTED system security option places restrictions on
-
The importation from foreign hosts of system files, compilers, backup files, and code files
-
The exportation to foreign hosts of program dump files
When the option is TRUE,
-
The access restrictions enable the security administrator to control the importation and use of the files.
-
All remote hosts are treated as restricted hosts.
-
Potentially hazardous files copied from a restricted host are marked as restricted.
When the HOSTSRESTRICTED option is TRUE and PROGDUMPFILTER is TRUE, only a user or process with privileged status can export a program dump file.
A nonprivileged user can import restricted backup files from a remote system. Importing any other types of hazardous files from a remote system requires privileged status on the destination system.
Only a user or process with security-administrator status can remove the restriction on a restricted file.
| Note: | File transfer products, other than Native File Transfer (NFT) and Host Services File Transfer, do not necessarily respect the setting of HOSTRESTRICTED. You should carefully consider whether such file transfer mechanisms provide enough protection against hazardous files before you grant them compiler privileges with the COMPILER modifier of the MP (Mark Program) system command. |
For information about restricted files, refer to Controlling File Access. For information about the HOSTSRESTRICTED option, refer to SECOPT Option Purposes.
