Chris: Fortunately, we have a good VTAM specialist. Of course i talked with him about this idea even before posting to the list. However, in our shop and in a more general context, when i try to make some security change (like this one), i find that support people do not bother very much about security issues.
They want the system running fine. That is, of course, an excellent idea. Reaching this point, where products and components run ok, they are not very interested in properly securing them. Given the fact that there is a separate security department (where i work), they feel that security is not their business. In concrete, if i want to change VTAMLST access from UACC(READ) to UACC(NONE), that is not something they are interested in at all. It is MY problem. And, of course, if something crashes after the change, i will be the culprit. Moreover, if i dont make the change and someone extracts some valuable information from VTAMLST for bad purposes, i will also be the culprit (because of allowing anybody to read it). You get the idea... JUAN MAUTALEN --- El dom 11-mar-12, Chris Mason <[email protected]> escribió: > So this leads to some advice for Juan: > > Juan > > In the thread you initiated last August in the RACF-L list > regarding the VTAMAPPL class, you said you didn't know a > great deal about VTAM. Well, it would seem that the person > to whom you should turn first is the VTAM specialist in your > installation for advice on anything to do with VTAM. Then he > or she can post - probably the best place being the IBMTCP-L > list[1] - for any additional help. > > I have, of course, always to assume that in any installation > where VTAM is used in earnest - not necessarily in > conjunction with "business-critical" activity but close to > it - there is such a specialist. Unfortunately I have heard > of installations with holes in their feet! > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
