On Sun, 19 Mar 2017 07:00:27 +0000, Mark Wilson <[email protected]> wrote:
>Just following up on your comment re your curiosity re IEFOPZxx debate on the >GSE UK LSG Agenda. > >We will debate IEFOPZ from two perspectives: > >The first being how, why and when to use it, as its one of those topics that >can potentially just slip by if the techies are not paying >attention. > >The second and the more interesting discussion will be around any potential >security issues that could be exploited, by a rogue user, >who has update or higher access to PARMLIB, couple with some patience or the >ability to dynamically enable this for a given program. > >Given they could introduce their own code into the system, there are several >security questions to be asked: Speaking as a former security designer for z/OS, I have to say that if a rogue user has update access to PARMLIB you have a lot more than IEFOPZxx to worry about. -- Walt ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
