> Some of the checks do make sense and are useful, but only look at the > duplication of the 'racf-sensitive-resources' which is a CC12 check and the actual > contents-supervision check, which tells you the same, just as a cc4 exception.
Yes, those of us in Security do consider that a more serious problem than the folks in Contents do. And I suppose there's a good argument that if you have all the appropriate other security controls in place there's no need to flag it as a high severity exception. We just have found no way to know whether you actually have all those other controls in place. If I remember correctly you need to protect several (perhaps 8-10?) for other functions properly or you really can have a severe exposure for the case that triggers that warning. -- Walt Farrell, CISSP IBM STSM, z/OS Security Design ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
