John,
At 06:13 AM 5/6/99 -0700, you wrote:
>> I don't remember the problems with exit points (other than finding them
>> all), but the security strategy is (basically):
>The original knock on exit points was that they did not handle non-IBM
ODBC. None
>of the third party ODBC vendors used the IBM ODBC exit points, they were
all using
>DRDA and prior to V4R1 DRDA had no exit point. But IBM understood the
hole that
>this left for customers and put together a DRDA exit point for V4R2 and
then PTF'd
>it back to V4R1.
The above points outs an actual hole that used to be there. But the major
problem is that access to the /400 is constantly changing. If you don't
have an *Exclude / adopt kind of security scheme a new access method can
open a new security hole.
-mark
+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---
