|
Hi, group. Please forgive my intrusion but I seemed to have joined the list in the middle of a very interesting discussion. Can anyone elaborate as to why Security Level 30 is inadequate? I am a developer currently acting as System Admin for our AS/400. My boss in New York seems to think that Security Level 30 is more than enough. I'd like to show him why it isn't... Thanks! Kevin Steve Glanstein wrote: > Folks: > > First of all, if you're running at security level 30 or below you're not > going to be protected. Period, that's it, period. You should have upgraded > years ago when Charlie Massoglia, Tom Liotta, Joe Park, Stan Smith, and > myself were yelling about these issues...Even IBM was onboard about > increasing qsecurity to 40 years ago... Do not ignore this post. Pay close attention. Level 30 is completely inadequate for AS/400 security. If you're at Level 30, don't indulge yourself in the smugness of "Object Level" security, it just isn't adequate for an e-business world. jte > > > I haven't checked the RPG and/or MI program at level 40 to see if it works. > > The MI program fails at level 50. (Most of our RISC clients are at 50) > > The DMPSYSOBJ command can be easily changed at this time to remove public > authority to it. It doesn't dump passwords for our APPC connections since we > use the RMTUSER and RMTPWD on STRPASTHR and bypass the signon screen. > > With all of the screaming I thought I would wait and ask the simple > question, "Did anybody report this to IBM?" It's easy to take something like > this and keep it as a private tool for one's manhood (or womanhood). However > in my opinion, if IBM ever figures it out and gets a serious internet > presence with the AS/400 then we're really in for a ride... > > Steve Glanstein > mic@aloha.com > > +--- > | This is the MI Programmers Mailing List! > | To submit a new message, send your mail to MI400@midrange.com. > | To subscribe to this list send email to MI400-SUB@midrange.com. > | To unsubscribe from this list send email to MI400-UNSUB@midrange.com. > | Questions should be directed to the list owner/operator: dr2@cssas400.com > +--- -- John Earl johnearl@400security.com The PowerTech Group 206-575-0711 PowerLock Network Security www.400security.com -- +--- | This is the Midrange System Mailing List! | To submit a new message, send your mail to MIDRANGE-L@midrange.com. | To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com. | To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com. | Questions should be directed to the list owner/operator: david@midrange.com +---
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.