× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  • Subject: Re: DMPSYSOBJ, SETSPFP, etc.
  • From: kjennings@xxxxxxxxx
  • Date: Thu, 15 Jun 2000 15:09:20 -0400



Hi, group.  Please forgive my intrusion but I seemed to have joined the list in
the middle of a very interesting discussion.
Can anyone elaborate as to why Security Level 30 is inadequate?  I am a
developer currently acting as System Admin for our AS/400.  My boss in New York
seems to think that Security Level 30 is more than enough.  I'd like to show him
why it isn't...

Thanks!

Kevin


Steve Glanstein wrote:

> Folks:
>
> First of all, if you're running at security level 30 or below you're not
> going to be protected. Period, that's it, period. You should have upgraded
> years ago when Charlie Massoglia, Tom Liotta, Joe Park, Stan Smith, and
> myself were yelling about these issues...Even IBM was onboard about
> increasing qsecurity to 40 years ago...

Do not ignore this post.  Pay close attention.  Level 30 is completely
inadequate for AS/400 security.  If you're at Level 30, don't indulge yourself
in the smugness of "Object Level" security, it just isn't adequate for an
e-business world.

jte




>
>
> I haven't checked the RPG and/or MI program at level 40 to see if it works.
>
> The MI program fails at level 50. (Most of our RISC clients are at 50)
>
> The DMPSYSOBJ command can be easily changed at this time to remove public
> authority to it. It doesn't dump passwords for our APPC connections since we
> use the RMTUSER and RMTPWD on STRPASTHR and bypass the signon screen.
>
> With all of the screaming I thought I would wait and ask the simple
> question, "Did anybody report this to IBM?" It's easy to take something like
> this and keep it as a private tool for one's manhood (or womanhood). However
> in my opinion, if IBM ever figures it out and gets a serious internet
> presence with the AS/400 then we're really in for a ride...
>
> Steve Glanstein
> mic@aloha.com
>
> +---
> | This is the MI Programmers Mailing List!
> | To submit a new message, send your mail to MI400@midrange.com.
> | To subscribe to this list send email to MI400-SUB@midrange.com.
> | To unsubscribe from this list send email to MI400-UNSUB@midrange.com.
> | Questions should be directed to the list owner/operator: dr2@cssas400.com
> +---

--
John Earl                               johnearl@400security.com
The PowerTech Group                     206-575-0711
PowerLock Network Security              www.400security.com
--



+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.