Terry Sambrooks wrote: >Irrespective of what Userid was used or not perhaps we could agree that the >system 'hacked' was not a typical z/OS System but one provided by IBM for >bone fide developers.
>The Userid ADCDMST may not have been used to gain access but if it is the >owner of the file, which seems likely, then the implication is that the >system itself is one provide for IBM PartnerWorld for Developers, and >usually runs in a zPDT environment. If it is running in a zPDT environment >is implies that the ISV has not nailed down their security. Alternatively it >could be an unauthorised copy running on Hercules so is open to any >speculation. Indeed. My comment internally was that in terms of being a real security problem, this seemed kind of like complaining when you leave your car unlocked at the airport and somebody cleans out the change bin-IOW, you left it exposed, so no kidding it wasn't secure. Surprise, if you leave your SecurID, userid, and password sitting on your desk, someone can *also* get onto your system and wreak havoc (assuming you're a God-like System Programmer). "Nothing to see here, folks, move along..." OTOH, if it's showing something that most people wouldn't know/think to lock down, then it's a real risk and should be discussed further. ...phsiii ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
