


"Is a dream a lie if it don't come true, or is it something worse?"
From "The River" by Bruce Springsteen


Pat,

> Exit points are useful for many things, they can give you additional
> flexibility but, in my opinion, resource access control is really THE only
> way to reliably manage access control for client access or green screen
> apps.
> 

I'm sure that it won't come as a surprise to you to find that I
disagree, especially with this assertion:

> resource access control is really THE only
> way to reliably manage access control

<rant>

I've come to the conclusion that Resource Security on OS/400 is really a
big lie.  If you say that it is "really THE only way" to manage access
control, then you have to say that OS/400 is the least secure operating
system in deployment simply because NOBODY USES IT!  This whole line of
systems (S/36-S/38-AS/400-iSeries) has always been sold on applications.
So could you please point me to a business application that actually
uses resource security the way IBM advocates it?   Are there any?   Or
is it all supposed to be "roll your own" by the end user community?

You know that I understand resource security, and yes it can be made to
work - heck we use it here at PowerTech to secure our own software, so
that would seem to underscore your point.  But the sad truth of the
matter is that damn few other software vendors do the same.  The poor
system administrator who is trying to protect their corporate assets
doesn't really stand a chance of using resource security to secure their
system.  Production systems today have a varied mix of unsecured
applications, utilities, and yes, even OS code that a system
administrator is not even cognizant of, let alone informed about its
uses and security requirements.   If all of the iSeries software vendors
already secured their own stuff, this would be a much happier world.
But if the truth of the matter is that the overwhelming majority of
iSeries developers (including, in some cases, IBM) don't follow the
dictates of resource security, then how can it be "THE only way"?

Case in point:  Pick a machine, any machine, and see how many sensitive
objects *PUBLIC has access to.  I just looked at a fresh install of V5R2
- of the 92 'Q' libraries loaded on this system, only 4 have a Default
Create Value of something other than *CHANGE or *SYSVAL.  The system
value for QCRTAUT is still shipped as *CHANGE.  The root directory of
the IFS is still shipped with *PUBLIC having *RWX authority.  So are
QDLS, QFileServer.400, and QOpenSys.  The system admin may be able to
remove the Write authority to the root, but if you take away Read
authority you'll break iSeries Navigator.  Look a little farther and you
see that there are several Message Files and Job Descriptions in 'Q'
libraries that are set with *PUBLIC *CHANGE.  Where is the resource
security here?  If I don't manage remote access of command execution and
program calls, how do I insure that the integrity of these objects stays
intact?  So if there are still parts of IBM that have not internalized
the "resource security" mantra, what makes us think that the rest of
world might someday embrace it?  

OK, I know you still don't see the value of exit programs to the IT
managers and system administrators who have to deal with this crap
every day, but I still have a lot of faith in you and the rest of the
folks that work on security at IBM and I'm sure that someday you'll
realize that exit programs are not just a viable alternative, but in
fact an important element of OS/400 security.  Even with a decent
resource security scheme in place, you're still going to have to manage
users' ability to call programs, invoke commands, and update files (Just
because I give a user *CHANGE access to the Customer file doesn't mean I
want them to be able to use Excel to overwrite the Customer Number,
which is the primary key - but resource security alone will let them.)
Exit Programs give you more than just "flexibility", in the case of the
original poster of this thread, they give him a way to engage in
something other than green-screen computing without re-writing all of
his applications because of pre-existing security flaws.

That last point is terribly important to IBM and to the iSeries.  If the
only way that people could secure their existing applications is to
completely re-architect them, nobody would do e-business on this box,
nobody would serve web-pages, and nobody would network this machine.
The cost of re-tooling would be so high that they would all be looking
for exit strategies to other platforms.  That's not the way that you or
I might want things to be, but it's the way things are.

So go ahead, beat on the vendors - Hell, you know I'll help you - but
don't tell the system admins that the only way to secure an iSeries is
to re-architect everything into a resource security model.  They'll
never do it, and so security will never get fixed.  And that's not good
for anybody.

</rant>

jte

(Midrange-l fair disclosure statement - Yes, I work for a security
software company, and yes one of the products we sell is Exit Programs).


--
John Earl | Chief Technology Officer
The PowerTech Group
Seattle, WA 98032
(253) 872-7788 x 302
john.earl@powertechgroup.com
www.powertech.com 
--

