On Fri, Jul 7, 2017 at 8:05 AM, Barbara Nitz <[email protected]> wrote:
> A colleague of mine just asked me if ISPF statistics in a data set, > especially the USERID field, can be manipulated. We used ISPF 3.5 and we > were both astonished that I was easily able to fake a userid as the one who > last changed a member (testing in my own dataset, of course). > > This immediately raised the question for me if there is any RACF control > that would prevent this type of manipulation, especially since the userids > in those statistics are widely used as evidence. Does anyone know if there > are such RACF controls? A quick search in the ISPF books didn't turn up any > hint. > > Barbara > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to [email protected] with the message: INFO IBM-MAIN > I hijack the USERID field often (using "G" next to the member in ISPF, or "Z" with DSC/IPT) to put additional info about the member. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
