On Thursday, 02/12/2009 at 09:45 EST, Colin Allinson <[email protected]> wrote:
> That is, indeed, a good point. In a well controlled environment, (good > attention paid to physical security as well as controlled authorities), it > should not be needed. I am not sure, however, that it is possible to always > make that assumption. The system already does. The radioactive STORE HOST command, able to subtly and significantly alter the eDNA of the system, and arguably the most dangerous (even if occassionally useful) CP command extant, does not require password confirmation. Likewise, RACF admin commands issued by a RACF SPECIAL users do not prompt. So I'm not sure that the false sense of security engendered by NEEDPASS YES is healthy. Alan Altmark z/VM Development IBM Endicott
