--- On Wed, 10/13/10, Ricc Harding <[email protected]> wrote: From: Ricc Harding <[email protected]> Subject: Re: Mainframe hacking? To: [email protected] Date: Wednesday, October 13, 2010, 3:56 PM
When I worked for a large computer manufacturing company in 1984, I would go ---------------SNIP----------------------------- Were the shops using any security product ie RACF/ACF2/Top Secret ?I suspect at that point in time they probably did not. I certainly did not know of any installations that were using them, except perhaps 1 and I think that one got the ACF/2 free (UIC). Also I think at that time from my rather poor memory was that even with a security package the systems were just not locked as they should have been. Somewhere in the late 80's (if memory serves me) companies really got serious about security. Of course if people posted the passwords with stickem notes then all bets are off on any security package. My vague recollection is that the first few years of RACF were pretty bad (for security) I just remember hearing people saying RACF can't ddo this or that and ***** could. My impression of these complaints were at best poor as even the product that claimed to be able to do the requested item was at best iffy and was very prone PTF retrofits and zaps on top of IBM modules. I am not so much as defending RACF (or any of the other products) as saying IBM had not put in SAF entirely every where it needed to go. I guess I would make this statement as far as any security product. If IBM doesn't make the insertion of the SAF call trying to insert any vendors codes is doomed to failue. Ed ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
