|
John...while I might quibble with some of your points, I agree resource access control and the management of it is hard to do (on any machine...). Vendors get it screwed up on all machines. I used to see it all the time during my 12 years of UNIX system adminstration and applications support/development. But you missed my point...I didn't argue that resource access control was easy. I said it was required. My point was that if you don't have resource access control correct, adding an exit point product doesn't fix the problem either. Neither did I say exit point programs were irrelevant. The way to control who can get to your mission critical data starts with resource access control. It is a necessary condition. It is arguable whether it is sufficient or not. But you must satisfy this condition, or you don't have reliable access control. IBM has preached that for years; even when green screen was dominant. Lets say I was a prison warden, and I installed a vendor product to open and shut doors. Then I found out it didn't work unless it left the doors unlocked. Is it just the vendor's fault? Or am I at least partly to blame for installing something that affected security but I didn't know it? By the way, I still think it is easier to get resource access control right on OS/400 than on other platforms. And IBMis working on some of things you complained about which we actually control. Patrick Botz
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
