On Thu, Feb 4, 2010 at 1:44 PM, Schuh, Richard <[email protected]> wrote:
> It isn't a matter of trust, it is a matter of minimizing the risk of an
> accidental SHUTDOWN. Here MAINT does not have class A; however it does have
> class C. That allows it to use the SET PRIV * +A in order to issue class A
> commands such as Q CPDISKS, CPRELEASE and CPACCESS. By requiring that extra
> step of the SET PRIV, it heightens the awareness of the person to the fact
> that they now have extraordinary capabilities and responsibilities.
>
Exactly. I'd argue that "best practices" (a term I hate) has even MAINT
doing a CP SET PRIVCLAS * =BEG (unless that's disabled, of course) in its
PROFILE EXEC, and then using a CLASS EXEC for privileged commands:
CLASS A SHUTDOWN
