Re: Losing Authority to a file in Batch

["Jim Franz" <franz400@xxxxxxxxxxxx>]

amen..
So, is there some doc or other "official" info to hand the average
CISSP or similar auditor to properly explain iSeries security.
An auditors or management overview.
Pictures & diagrams work well.
jim

----- Original Message ----- 
From: "Patrick Botz" <botz@xxxxxxxxxx>
To: "Midrange Systems Technical Discussion" <midrange-l@xxxxxxxxxxxx>
Sent: Monday, January 26, 2004 4:59 PM
Subject: Re: Losing Authority to a file in Batch


>
> And the point I was trying to make (and not very well) is that an audit
> company that has a "blanket policy" that adopted authority is bad/wrong,
> doesn't know enough to be doing your audits very well. Adopted authority
is
> not inherently bad. Used correctly, it provides more security...used
> incorrectly it can actually reduce the level of security. It's usage must
> be analyzed along with other factors such as who has authority to the
> program/command which adopts authority and what the program/command itself
> does.
>
> Patrick Botz
> Senior Technical Staff Member
> eServer Security Architect
> (507) 253-0917, T/L 553-0917
> email: botz@xxxxxxxxxx
>
>
> _______________________________________________
> This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
> To post a message email: MIDRANGE-L@xxxxxxxxxxxx
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> or email: MIDRANGE-L-request@xxxxxxxxxxxx
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/midrange-l.
>
>