On 9/20/2010 9:12 PM, Alan Altmark wrote:
> I encourage folks NOT to create anything that makes it easier to store
> unencrypted passwords. I'd rather have an APPC/IUCV-based password server
> that will return a user's password if the requester has been authorized
> to retrieve it. It could supply a RACF PassTicket or the value out of the
> directory. (The app doesn't care which it is.)
> (Almost) ANYTHING is better than creating a password repository that must be
> audited and managed. (gag)
I'd rather have something like:
- Open Lxxx
- Ask ESM (or some VM which can ask the ESM) to allow me to log on to
"userx" without password from LDEV Lxxx
- ESM (or ESM proxy) grants (or refuses)
- If ESM grants, enter userx in the login logo field, and get granted
logon (by the ESM) without password from the LDEV.
This way no secret ever gets exchanged. And if the requesting user is
no longer authorized to do this, then it's only a matter of changing the
ESM setting - NOT changing the password.
(Dunno if you can do that with RACF/VM though.)
PS: It also requires the ESM/ESM Proxy to trust CP as to the originator
of the request, which can possibly be circumvented depending on
circumstances (access to hardware, STORE HOST, Diag D4, etc.).
--Ivan