On Sun, 26 Jul 2009 22:54:52 -0700, Ed Gould <[email protected]> wrote:
> >>Not true... We had a programmer who wrote an SVC screener ... >SVC screener = APF. > >APF means that you can update the dataset without opening it. > > >So??? countless installations still do not have a clue about APF >libraries. ... The "so" is that once you're talking about APF authorized programs MVS security concerns are no longer on the table - the door is open. The technique used at that point - manual response to a security prompt, automated response to a security prompt, access to the dataset without going through a security check, etc. doesn't really matter - technical details. If a shop has lax controls over authorized libraries then they indeed have a security problem, but it's not a "mainframe" problem; it's a management problem. Pat O'Keefe ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
