On Thu, Sep 17, 2009 at 10:58 AM, Bill Holder <hold...@us.ibm.com> wrote: > I'd agree with that point in cases where it's less clear, but in > this case, it's perfectly clear that the user action would have > been harmless if not for the administrator typo. I don't disagree > that more protection at the user action level would be nice in > this case, that's really different discussion than whether this > constitutes a denial of service exposure.
OK, I buy that. If the sysprog does a UCR to make SHUTDOWN class G, it isn't VM's fault if a user issues SHUTDOWN.
