There are some MVS commands that are hard to understand how and why they were created. What bothers me is the fact that the input of the commands that modify MVS behavior allows input from private dataset. These are the first commands I am trying when I do a pentest... For example: *SETLOAD* allows on-the-fly change of parmlib concatenation using a dataset that is not part of the parmlib concatenation itself. for example: SETLOAD 03,PARMLIB,DSN=sys4.relson TCPCIP *OBEY* command allows specification of TCPIP configuration from a private library.
How frequent do you use these commands (if ever) and how do you identify the use (assuming that the commands are protected by your ESM). I wonder why IBM allows such a scenario. ITschak ITschak Mugzach *|** IronSphere Platform* *|* *Information Security Continuous Monitoring for z/OS, x/Linux & IBM I **| z/VM coming soon * ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
