On Friday, 02/10/2006 at 11:39 CST, Marcy Cortes <[EMAIL PROTECTED]> wrote: > I tend to agree with Rich. No one here gets an ID on a VM IFL system > except the systems programmers. We all have privileges anyway and know > how to use them :)
But it's not about the systems programmers - it's about what happens when someone breaks into your class G guest. For a sandbox, "shields down" is fine, but for production environments, I'm not quite so ready to agree. <tantalizing_tidbit> We've got some really neat-o keen stuff coming down the pike that I think will satisfy both sides of the discussion, providing ease of use for the sysprog while still maintaing an ACL (access control list) philosophy adored by us totalitarian security weasels. </tantalizing_tidbit> Alan Altmark z/VM Development IBM Endicott ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
