On 2 April 2013 18:26, Dave Cole <[email protected]> wrote: > You don't need to subvert z/OS to subvert a system. There are myriad > business critical programs that run in problem state. While well formed RACF > rules can offer protection, I wonder how many such rules are well formed. > > In any case, a malicious or sloppy "insider" doesn't have to be inside the > Systems staff. He need only be inside the business-systems-knowledgeable > community or even the system's trusted user community.
I think that's roughly what I said, but I was doubtless not clear. Tony H. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
