|
*SAVRST special authority can also negate *EXCLUDE access to private objects that you do not want read. A user with *SAVRST is not prevented from viewing the contents of an object (sure, there is a hoop or two to jump through, but it can be done). It might be viewed as *ALLREAD special authority. jte -- John Earl johnearl@powertechgroup.com The Powertech Group www.powertechgroup.com Kent, Washington, USA +1 253-872-7788 ----- Original Message ----- From: Evan Harris <spanner@ihug.co.nz> To: <midrange-l@midrange.com> Sent: Saturday, December 08, 2001 11:11 AM Subject: Re: *SAVRST (was Re: ftp versions of SAVRST... ) > Tom > > Securing the restore commands is a great way to prevent unauthorised > production deployments - > especially when you have hostile programmers on your site :) > > Nothing focuses the mind on locking things down like having a group of > people intent on breaking the rules ! > > Cheers > > >Evan: > > > >On Fri, 07 December 2001, Evan Harris wrote: > > > > > I hate the idea that a password that has save/restore capability ends up in > > > a script, no matter how short the time frame. > > > >I'm glad this was mentioned. *SAVRST is dangerous, granting the ability to > >bring an AS/400 down (for all practical purposes) in a few seconds. Few > >sites control it unfortunately. > > > >Tom Liotta > > > _______________________________________________ > This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list > To post a message email: MIDRANGE-L@midrange.com > To subscribe, unsubscribe, or change list options, > visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l > or email: MIDRANGE-L-request@midrange.com > Before posting, please take a moment to review the archives > at http://archive.midrange.com/midrange-l. >
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.