Kirk, No way! This is under the title of mainframe modernisation. There are so many services that are based on open source as well as many vendor products. Open source is part of our life. Now we have to deal (and live) with it.
What I am saying is that there are thousands of java jar files in USS and you don't know your risks. Just for the record, on my 2.3 system there are about 14,000 different jar files. We were able to analyze all of them and propagate it with NVD. Will run tomorrow on 2.4. I expect to see the same issues. ITschak *| **Itschak Mugzach | Director | SecuriTeam Software **|** IronSphere Platform* *|* *Information Security Continuous Monitoring for Z/OS, zLinux and IBM I **| * *|* *Email**: [email protected] **|* *Mob**: +972 522 986404 **|* *Skype**: ItschakMugzach **|* *Web**: www.Securiteam.co.il **|* On Tue, Jan 18, 2022 at 6:42 PM Kirk Wolf <[email protected]> wrote: > Since I would guess that a majority of ibm-mainers would agree that open > source is confusing and dangerous, here's a question: > > Let's say that an organization wanted to prohibit open source. How would > you go about it? > > Kirk Wolf > Dovetailed Technologies > http://dovetail.com > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to [email protected] with the message: INFO IBM-MAIN > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
