> -----Original Message----- > From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On > Behalf Of David Eisenberg > Sent: Tuesday, February 26, 2008 8:54 PM > To: [email protected] > Subject: Re: Newbie RACROUTE question: how to *test* authorization? <Snipped> > The violations are occurring as a result of a text string scan across all > members of a production source code library... The problem is that > there's no easy way to instruct the scanning program to skip the read- > protected members. So the programmer gets a meaningless violation for each > read-protected member in the library. > > In my view, this ought to be an acceptable use of LOG=NONE. If the > programmer isn't allowed to view the member, the security exit won't let > it be scanned. The members are secure. Why record endless violations that > are essentially noise, and might mask an actual hacking attempt?
I agree with you about this type of "harmless" testing of authority to access. However, given the god-like authority of auditors these days, maybe it would be more helpful to you (and easier to get past the auditors) to have an additional parameter to RACROUTE which said, in effect, "Don't tell me about any violations. I don't care if you record the attempted access in SMF, but don't bother telling me about it." I.E., suppress the message but go ahead and cut a record if you want to. Of course, that doesn't address the SMF noise issue for those who really need to track attempted accesses to truly important resources to detect actual hacking attempts. Just my USD$0.02 worth. Peter This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail and delete the message and any attachments from your system. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
