RE: Can We retire the QSECOFR userid?

This is a fair point as far as additional security is concerned.  The
question is, are you more concerned with internal threats or external
threats?  The basic reasoning would be that anyone even a little familiar
with the iSeries knows that the QSECOFR profile exists.  How many hackers
would even be able to guess what your MYSECOFR profile is?

It should be mentioned that if you do choose to disable QSECOFR you will
need to make a change to your Management Central configuration for it to run
properly.

Regards,

Scott Ingvaldson
AS/400 System Administrator
GuideOne Insurance Group

-----Original Message-----
date: Mon, 9 Feb 2004 16:49:34 -0500
from: rob@xxxxxxxxx
subject: RE: Can We retire the QSECOFR userid?

Does anyone really see a difference between having the generic QSECOFR or 
a generic MYSECOFR with the same authorities?  Granted, there are some 
very limited applications where you must be QSECOFR, (ptf's ain't one of 
them).  But does creating the MYSECOFR give you any additional security? 
None that I can think of.  Oh, I suppose you could disable QSECOFR and 
then a hack trying it would have a bear of a time getting in.  But, other 
than that?  If so, why bother?

Rob Berendt
-- 
Group Dekko Services, LLC
Dept 01.073
PO Box 2000
Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com

   
This message and accompanying documents are covered by the Electronic
Communications Privacy Act, 18 U.S.C. §§ 2510-2521, and contains information
intended for the specified individual(s) only. This information is
confidential. If you are not the intended recipient or an agent responsible
for delivering it to the intended recipient, you are hereby notified that
you have received this document in error and that any review, dissemination,
copying, or the taking of any action based on the contents of this
information is strictly prohibited. If you have received this communication
in error, please notify us immediately by e-mail, and delete the original
message.