|
midrange.com
In a message dated 97-04-24 09:46:52 EDT, you write:
<< Having a library above QSYS is not bad, provided that the library is
secure
against adds & changes, and provided you have a good sense of what the
programs in the library are doing. Many people are dead set against putting
any vendor's library in their system library list because in the past many
vendors have been so cavalier about this practice. It seems that only
recently vendors are waking up to the fact that their products must
subscribe to reasonable security standards. (BTW, I'm hope that the days of
packages that blindly require *ALLOBJ authority simply so that they won't
encounter authority problems are numbered.)
IMHO, a vendor that proposes to put a library in the system library list
should;
1) Secure the library to *PUBLIC *USE
2) Put the absolute minimum number of necessary objects in the
library
3) Document the reasoning behind the need for a system level library
list,
4) Offer an alternative that technically capable shops could employ
if the system Library list was not desireable for a
particular shop.
5) Stone cold guarantee that none of these programs have hidden QCMD
calls in them.
It's important to understand that as the system administrator, I am
responsible for the system, not the vendor. If something goes wrong with
xyz package because abc package has replaced the defaults to a command, or
efg software has exclusivley allocated some system resource, I'm the guy who
is going to clean-up the mess. Some of our AS/400's have over a dozen
software packages on them. I can't afford to have them making system
management decisions for me. They don't even know what other packages are
present, let alone what they do.
jte >>
John,
You hit the nail right on the head, and I couldn't agree with you more.
It is so important that a vendors solution fit into an existing environment,
without imposing any adverse effects on the system or another vendors
software. While I don't think there are any vendors who try to "screw you
up", some vendors (none implied) do not take into account anything other than
their own package.
I think that people have a right to know and understand what is
happening to their system when a vendor installs a package, why certain
security levels or authority is needed, and what you are installing into
what (existing) library. Too many times I think that people are afraid to
question the "guru" sent to install the software, as they may be belittled by
the "guru" saying its done that way BECAUSE. To that I would say, "I am
throwing you out of here....BECAUSE!!"
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
* This is the Midrange System Mailing List! To submit a new message, *
* send your mail to "MIDRANGE-L@midrange.com". To unsubscribe from *
* this list send email to MAJORDOMO@midrange.com and specify *
* 'unsubscribe MIDRANGE-L' in the body of your message. Questions *
* should be directed to the list owner / operator: david@midrange.com *
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
