On Tue, 24 Apr 2012 12:05:28 -0500, Paul Gilmartin <[email protected]> wrote:
>Hmmm. This could be the basis for the APAR IO11698 fiasco >two years ago in which IBM manfestly allowed an integrity >exposure to remain unrepaired but provided a means of limiting >access to the dangerous tool. No, it's not related to anything like that. >I have been granted the RACF >authority as I need it for my job; this indicates that I qualify >as highly trusted. But it irritates me that I have never been >given instructions concerning what behavior I must avoid in >order not to compromise system integrity. Having that authority, there's nothing special you neeed to do to avoid compromising system integrity, beyond what you would normally do as someone with the authority to update APF libraries. By granting you that authority, the security administrator has merely indicated his trust that you will not actively try to compromise system security or integrity, and that he trusts you as much as he would had he given you UPDATE to the APF libraries and other sensitive system libraries. -- Walt ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
