×
The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.
Does anyone utilize the STG(*FREE) option that is available on most of the SAV commands?
The reason I ask is that having access to the SAV* commands and also having *SAVSYS Special Authority, gives a user the authority to effectively delete any object on the system, by using the STG(*FREE) parameter.
Example -
SAVOBJ OBJ(UFILE1)
LIB(PRODLIB)
DEV(*SAVF)
OBJTYPE(*FILE)
SAVF(MYLIB/MYSAVFILE)
UPDHST(*NO)
STG(*FREE)
DLTF FILE(MYLIB/MYSAVF)
Being able to save objects that a programmer or operator doesn't have direct authority to, may be a useful function that Special Authority *SAVSYS addresses, but the security risk associated with STG(*FREE) makes giving this authority to anyone extremely risky.
I understand that there are ways to mitigate this risk. The easiest is to severely restrict who gets *SAVSYS Special Authority OR restrict access to the SAV* commands OR force STG(*KEEP) via an exit or validity checking program.
But if there isn't really any reason to free storage in the first place, we wouldn't have to worry about this security risk at all...
This is why I'm wondering what the original purpose of having the STG(*FREE) option might have been...
Is this something IBM should consider removing from the SAV commands?
Discussion ... Comments ????
P
Please consider the environment before printing this email
Kenneth
Kenneth E. Graap
Systems Administrator
NW Natural
keg@xxxxxxxxxxxxx<mailto:keg@xxxxxxxxxxxxx>
http://www.linkedin.com/in/kennethgraap
503-226-4211 x5537
midrange.com
