Our instructions were to give them EXACTLY what they ask for or nothing. If he had asked in a more general way for a listing of user definitions, I would have prepared a sanitized USER DIRECT, but he was explicit and insistent on getting /etc/passwd. That was what was on his unix checklist.
/Tom Kern On Wed, 21 May 2008 10:54:49 -0500, McKown, John <[EMAIL PROTECTED]> wrote: >> -----Original Message----- >> >> My favorite was an auditor that wanted a printout of our >> /etc/passwd. This >> was a VM/SP system. When we stopped laughing at him and told >> him we didn't >> have such security holes, he went away. >> >> /Tom Kern > >What? You didn't give him your USER DIRECT? > >-- >John McKown ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
