Vendors should restrict read access to their FTP upload sites in case there is sensitive data included. Dumps are a good example where customers cannot sanitize the file. There are some customers that will not send a dump because they cannot sanitize it. In those situations, you are forced to send diagnostic execs and work remotely. Jon. On Saturday, August 24, 2019, 03:17:30 PM PDT, Arthur <ibmmain.10.ats...@xoxy.net> wrote: I once had to FTP a dump to a vendor. I saw that the directory was set up to allow read without a password. I refused to send the dump until they fixed the security. It was a long time ago, and I can't remember the outcome, though I know they argued with me. I will admit that it's unusual to require a password for read but not for write/create.
---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
