No argument there! :-) Charles
-----Original Message----- From: IBM Mainframe Discussion List [mailto:[email protected]] On Behalf Of Bob Bridges Sent: Thursday, May 9, 2019 9:24 PM To: [email protected] Subject: Re: Can backup mechanisms be used to steal RACF database? was Re: mainframe hacking "success stories"? No, ~I~ quoted "there are solid indications" etc. Mr Mills asserts that they did not, which is contrary to my own reading but at this remove perhaps it doesn't matter. Whatever actually happened at Logica, the important point is that with read access a hacker would be able to do so, a situation most ardently to be avoided :). The lesson I take from this, and pass on to my clients, is that read access to the security database is a huge exposure and in most cases - that is, for most user IDs - completely unnecessary. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
