Gil Peleg wrote:
Ed, What I meant was that in many shops there are a lot of users who have implicit access to APF-authorized data sets.
ITYM implicit WRITE access ...
And if they wished to compromise the system they would be able to do so, even though they were never explicitly authorized to run their own written APF-authorized programs. There are many potential ways to do this, if the shop is not properly secured.
That proviso "... if the shop is not properly secured" is crucial. Your original post suggested that "anyone who has worked at the same shop for a long time [could learn to] become APF authorized". Now we're limiting the exposure to a shop with more or less "mickey mouse" security and sub-standard auditing of same. Big difference.
-- ----------------------------------------------------------------- | Edward E. Jaffe | | | Mgr, Research & Development | [EMAIL PROTECTED] | | Phoenix Software International | Tel: (310) 338-0400 x318 | | 5200 W Century Blvd, Suite 800 | Fax: (310) 338-0801 | | Los Angeles, CA 90045 | http://www.phoenixsoftware.com | ----------------------------------------------------------------- ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
