On 04.02.2022 at 00:12, Farley, Peter x23353 wrote:
I'll be the first to admit that I know just enough of what is in SYS1.PARMLIB
to be dangerous, BUT . . .
What information could possibly be gleaned from reading PARMLIB that would
require a knowledgeable auditor to insist on restricting read access (other
than security by obscurity and sysprog/auditor job security)?
Just curious, I don't plan on hacking anything.

Official IBM documentation says the proper security setting for PARMLIB
is READ.
This is a good answer to any auditor.
(Exceptions like open-text passwords should be moved to a separate
dataset, but definitely avoided)
IBM's clarification: the information in PARMLIB is accessible to any
non-privileged user via control blocks, CVT, etc.
My humble opinion: security by obscurity is no security. An educated hacker
(or the currently trendy "threat actor") will get relevant information
without reading PARMLIB. Uneducated hacker... Stop! If you are afraid of
uneducated hackers then you quickly need to fix something.
My €0,02
--
Radoslaw Skorupka
Lodz, Poland
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN