Hello Gil, interesting flow.
You get a different result if you: 1. LOGON FUBAR --> IKJ564201I message and blank fields. 2. Overwrite the bad "*Userid ===> FUBAR" with a valid userid and PRESS ENTER 3. Rest of fields are now loaded with values. (proof of valid userid). 4. Modify fields as necessary. e.g. type TIME in COMMAND field 5. Lastly enter your password. In this flow the TIME command will be processed as expected. On Tue, 5 Jun 2007 19:29:12 -0500, Paul Gilmartin <[EMAIL PROTECTED]> wrote: <snip> > >Hmmm. I entered LOGON FUBAR at the READY prompt and got such a >blank screen with "IKJ56420I Userid FUBAR not authorized to use >TSO." So far, so bad. I overtyped the Userid; entered my password, >and entered TIME as the command. It allowed me to logon, but >executed the previously stored (possibly invalid) COMMAND, not the >"TIME" I had just entered. Ouch. Pretty much an error, IMO. Or >is there some security concern I'm overlooking? > >Of course, if the user is so rash as to enter "LOGOFF" as the >COMMAND, he can recover on the next logon attempt. (I'm so >rash. It works.) > >-- gil > Regards Bruce Hewson ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
