At the risk of flogging a dead horse, I truly believe in the minimum access to do the job, and separation of duties.
If you have a storage administrator, they should be the only ones with access to the storage administration tools. Not a sysprog, and definitely not application types. Yes, you can set up emergency procedures to pass the hammer to another person, or department (group); ensure that they know how to use it, or you might find a lot of smashed thumbs. I should have realised, since this was a security-based discussion, there was going to be a lot of opinions, arguments, and snide comments! So, unless something truly novel comes up, I'm not going to continue with this thread. - Too busy driving to stop for gas! ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
