This topic provides suggestions for reviewing the subsystem descriptions that currently exist on your system.
When you start a subsystem on a server, the system creates an environment for work to enter the system and run. A subsystem description defines what that environment looks like. Subsystem descriptions, therefore, can provide an opportunity for devious users. A mischief-maker might use a subsystem description to start a program automatically or to make it possible to sign on without a user profile.
When you run the Revoke Public Authority (RVKPUBAUT) command, the system sets public authority to subsystem description commands to *EXCLUDE. This prevents users who are not specifically authorized (and who do not have *ALLOBJ special authority) from changing or creating subsystem descriptions.
You can use the Work with Subsystem Descriptions (WRKSBSD) command to create a list of all the subsystem descriptions. When you select 5 (Display) from the list, a menu displays for the system description that you selected. It shows a list of the parts of a subsystem environment.
You select options to see details about the parts. Use the Change Subsystem Description (CHGSBSD) command to change the first two items on the menu. To change other items, use the appropriate add, remove, or change command for the entry type. For example, to change a workstation entry, use the Change Workstation Entry (CHGWSE) command.
For additional information about working with subsystem descriptions, including lists of the shipped values for IBM-supplied subsystem descriptions, refer to the topic: Work Management.