On the other hand, anyone who worked at the same shop for a long time knows how to "trick" its systems. How to run jobs with any jobclass (and maybe form some kind of a denial of service attack?), how passwords are managed, who are the powerful users, what resources are not properly protected, how to falsify identities under CICS/IMS, how to run batch jobs under other users, how to become APF-authorized, how to utilize error in 3rd party products, and the list goes on... Every shop and every experienced system programmer (some times not even a system programmer, but an experienced programmer) has their tricks. Of course, all of this comes from bad implementation of the security tools and not the infrastructure provided by the operating system, but still, IMO, if mainframes were holding a larger market share, we would be hearing of more security breaches on mainframes. I agree the mainframe has all it takes to be a highly secured platform, but I have seen not 1 and not 2 shops that just dont facilitate all the required mechanisms to become highly secured. Simply running on mainframe doesnt make it harder to breach into your system, it only makes it unlikely. Only implementing a strong and correct security policy makes it harder to breach into your system. Gil.
---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
