× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



Shannon, 

> I did not notice that the length of the passWord is also required now. 
> That sucks. 


I don't think IBM ever breaks an existing public API lightly (unlike another 
OS vendor who shall remain nameless...). But in this case, it appears the 
change was very intentional and was specifically changed in order to thwart 
a possible exploit described by Scott. IBM takes security very seriously 
(again, unlike another OS vendor who shall remain nameless, or at least they 
didn't used to...), and faced with a choice of keeping compatibility and the 
exploit working, or closing the exploit by requiring relatively minor 
changes to user programs, they chose what seems to me to be the only logical 
alternative.

But they also documented the change in the Memo to Users. Reading that is 
part of your release update planning, isn't it? Why do you think they bother 
to write the Memo to Users?

In terms of James' question "What was IBM thinking?!?", the answer appears 
to be security. But I also don't fault IBM for being vague and not spelling 
out the exact exploit, since this change only closes it for V5R3 users. 
Given the circumstances, do you really think it would be better to leave the 
API the way it worked in the past?

Doug

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.