Agreed, but again, depending on your shop applying individual PTFs might
require a change management record for each PTF while the group requires
just one. In my shop, I'll do the cume as one change record and all groups
as another. Two change records and my box is current. But individual PTFs
require individual change records.

Besides, from a time standpoint, going to Fix Central, selecting the
Security group, and letting it run is easier and faster than having to do
any kind of search and the following up with manual entry of the PTFs to
pull.


And again, I agree that I'd prefer to get the HIPER group to get bug fixes
that may not have security implictions in addition to those that do. But
some folks may not have that luxury and for them the security group may be
useful.


On Tue, Jun 2, 2009 at 12:25 PM, CRPence <CRPbottle@xxxxxxxxx> wrote:

John Jones wrote:
There may also be shops that have internal controls, procedures,
and/or audit requirements that allow security updates but not
necessarily any other updates without rigorous review & testing.
Having a separate security group lets them get those updates
without scouring all PTF cover letters looking for just
security-related events.

FWiW. The security\integrity PTFs [for LIC, OS, and LPPs] had
already been included with the HIPer designation and each identified
with variant(s) of the "security" and "integrity" terms capable of
being found with a simple token search; i.e. no poring over cover
letters required to locate them. Issues which either effect data
errors per designation of "incorrect output" or defects which may
result in system failure, in many cases would be much more important
to include in the list of updates being installed [in consideration
of the cover letter text, for how the described situation might be
applicable], than those of a security nature [for which no
description of what either the defect or its correction is published
for which just as rigorous testing would be justified but without
full ability to review].

Regards, Chuck
_______________________________________________
This is the Security Administration on the AS400 / iSeries (Security400)
mailing list
To post a message email: Security400@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/security400
or email: Security400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/security400.





This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2020 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].