--- On Sun, 7/26/09, Binyamin Dissen <[email protected]> wrote:

From: Binyamin Dissen <[email protected]>
Subject: Re: Mainframe hacking (getting back on topic)
To: [email protected]
Date: Sunday, July 26, 2009, 2:39 PM

On Sun, 26 Jul 2009 10:56:17 -0700 Ed Gould <[email protected]> wrote:

:>--- On Wed, 7/22/09, Binyamin Dissen <[email protected]> wrote:

:>From: Binyamin Dissen <[email protected]>
:>Subject: Re: Mainframe hacking (getting back on topic)
:>To: [email protected]
:>Date: Wednesday, July 22, 2009, 6:42 AM

:>On Wed, 22 Jul 2009 02:14:48 -0400 Gerhard Postpischil <[email protected]>
:>wrote:

:>:>Binyamin Dissen wrote:
:>:>> Before RACF there were expiration dates.

:>:>Expiration dates are too easy to bypass. 

:>Required access to the console.

:>-----------------------------
:>Not true... We had a programmer who wrote an SVC screener and issued the r xx,u
:>for the update. He got away with it for quite some time. I was walking
:>past the console one day and there were the messages and the reply flying past
:>on the screen.

SVC screener = APF.

APF means that you can update the dataset without opening it.


So??? Countless installations still do not have a clue about APF libraries. I
saw one installation that was putting production modules all linked with ac(1).
They did not know why they just authorized it. There is no accounting for
"trust" in some installations. Of course we know a wide open APF library is a
real no-no but again some installations have this "buddy" system and/or
management says it is to "BE" and they follow meekly without waving the flag.
Frankly it is a bomb waiting to go off. I am sure there are lots of these types
out there.
Ed





----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
