|
This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. -- [ Picked text/plain from multipart/alternative ] Dan, > To most IBM midrangers, this would be considered status > quo. Maybe I just find it strange that this is news. It's not 'news' the BugTraq posting is very lame, and if that's the best they can post for OS/400, then thank IBM that that's the case. > After all, doesn't every AS/400 have a QSECOFR (and > other IBM-supplied) profiles? Yes, just like Unix has root - but often you don't want to use QSECOFR (or can't if sign-on is limited to specific devices) to maintain a low profile. > In consideration of the userID=password scenario, the > vulnerability is the > person(s) managing the system, IMO. Yes, but 20-20 hindsight won't fix what damage has been done by Mr. Hacker using that iser profile & password ;-) --phil
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
