I may be called ignorant and a mainframe bigot, but I read to this point
Ayoub Elaasal, security auditor for Wavestone, though it might be fun to try. Sadly, he was able to find an exposure in z/OS rather fast, the ability of almost any user to edit the APF (authorized program facilities) and give yourself root access. At this point, you can do almost anything. ? on a lab system somewhere ? and hit my self in the head, so edit APF, hum how, parmlib, every place I've worked parmlib was secure and the SETPROG command is secure, then further on root access? hum, sounds like Unix system services not z/os services sorry - snow day today - slow news day Carmen Vitullo ----- Original Message ----- From: "Mark Regan" <marktre...@gmail.com> To: IBM-MAIN@LISTSERV.UA.EDU Sent: Tuesday, January 16, 2018 9:00:57 AM Subject: Fwd: Are Mainframes a Security Risk? | Enterprise Systems Media http://enterprisesystemsmedia.com/article/are-mainframes-a-security-risk ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
