---------------------------<snip>---------------------------
From one hand people say security by obscurity is no security. From the
other hand, it is easier to find some hole, when you know details about
the system.
--------------------------<unsnip>---------------------------
Most of us here on the list could probably develop a fairly accurate
picture of the configuration just from the information that's in
storage, so "security by obscurity" is a fairly nebulous concept at
best. On the other hand, knowing about the configuration does NOT
automatically confer the ability to interfere with it. Any shop that's
even moderately secure will have APF-authorized libraries secured from
unauthorized updates, preventing the hacker from implanting his goodies.
Knowing what datasets are authorized doesn't allow me to update them
with my code. QED ??
Regards
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
