There are lots of poster children for poor security policies. Assigning two different userids to the same UID, two different groups to the same GID or two users to the same userid doesn't begin to exhaust poor policy, and I'm not sure how many poor practices RACF can prevent without pushback from customers.
-- Shmuel (Seymour J.) Metz http://mason.gmu.edu/~smetz3 ________________________________________ From: IBM Mainframe Discussion List [[email protected]] on behalf of Paul Gilmartin [[email protected]] Sent: Wednesday, February 16, 2022 4:48 PM To: [email protected] Subject: Re: How to Get UserID in non-TSO REXX On Wed, 16 Feb 2022 21:25:23 +0000, Seymour J Metz wrote: >It would definitely be more fun if two different users had the same UID. > RACF should prohibit that. That's what group IDs are for. That's what BPX.SUPERUSER is for. What if two different users had the same TSO ID? (It's done; security admins [should] disparage it.) You can write Assembler in any language. Then you have the delight of re-coding for each target platform. -- gil ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
