We recently found out (or rather our auditers found out) that you don't need a 
TSO segment to use FTP from a PC to z/OS.

I tested with an id that was only defined to one CICS region.
I could not sign on to TSO with it.
But, I could access FTP.

Our security and audit people think this is a security exposure.
Two questions:
1. Is it?
2. If it is, how do we close it?

When in doubt.
PANIC!!    

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Reply via email to