Please comment and if you agree please vote: https://www.ibm.com/developerworks/rfe/execute?use_case=viewRfe&CR_ID=120120
Description:ISPF 3.17 currently will leave the UID set to whatever the user set it to when the dialog exits. If the user has changed the UID while in ISPF 3.17 then it should be reset back upon exit. Leaving it violates the principle of least astonishment. Please make this an ISPF site configuration option at a minimum. Use case:User enters ISPF 3.17, issues su to get into UID(0), performs some work. Then exits ISPF 3.17 and unknowingly is still under UID(0) and can accidentally cause damage. Business justification:This is a security/audit item. The user should explicitly know when they are under UID(0) and not be there by 'accident' -------------------------------------------------------------------------- Lionel B. Dyck (Contractor) <sdg>< Mainframe Systems Programmer - RavenTek Solution Partners ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
