|
>>In future releases, will there be a security level that prevents the >>creating of a cmd that has the same name as an ibm cmd? > >I have never heard of anyone suggesting that we prevent customers from >naming their commands (or programs) anything they want. > I would be in favor of it. Dont allow anything in the library list above QSYS to contain an object with the same name as a QSYS object. Provide a system value to enable the restriction. Default is no restriction. Use a registration facility to allow a *SecAdm user to override the restriction, one object at a time. Of the trojan horse scenarios described, this is the one that I would guess shops are most vulnerable to. ( most shops probably have a lib above qsys that contains customized versions of system cmds. If *Public can add an object to that library ( the default value ), then your system is wide open to mischief. ) Steve Richter +--- | This is the Midrange System Mailing List! | To submit a new message, send your mail to MIDRANGE-L@midrange.com. | To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com. | To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com. | Questions should be directed to the list owner/operator: david@midrange.com +---
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
