> On Jan 17, 2018, at 1:48 AM, Sankaranarayanan, Vignesh
> <vignesh.v.sankaranaraya...@marks-and-spencer.com> wrote:
>
> "... he was able to find an exposure in z/OS rather fast, the ability of
> almost any user to edit the APF (authorized program
> facilities) and give yourself root access."
>
> ROFLMAO
>
> That someone examined a very poorly secured z/OS system proves nothing.
>
> --
> Tom Marchant

Tom,

You are spot on. I went to such a session and they were plowing on through with their presentation. I asked if the system was properly RACF protected; he tried some double talk, and I asked specifically if sys1.parmlib was protected, and he started up with the double talk.

I stood up and said if you do not have a properly protected system, then YES you can play the tricks they were going through. I then said if sys1.parmlib is NOT protected then you get whatever you are trying to sell here. Someone 3 or 4 rows away from me said something to the effect that if your software isn’t doing the basics then you shouldn’t let anyone near the system.

The speaker got up and said yes, this system was protected by RACF. I then asked if all the needed RACF rules had been written and no one could update any APF library. He then tried a runaround and said all the program had to do was issue the SVC to do operator commands. I suggested then the system wasn’t properly RACF protected.

The guy up on stage called for a coffee break. The guy that was running the show came over to me and told me I was being disruptive and could I please leave. I said sure, as long as you promise to give an honest presentation. He said, OK, LEAVE now. I left and I think that a lot of people left after I did.

Ed

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN