|
John...while I might quibble with some of your points, I agree resource access control and the management of it is hard to do (on any machine...). Vendors get it screwed up on all machines. I used to see it all the time during my 12 years of UNIX system adminstration and applications support/development. But you missed my point...I didn't argue that resource access control was easy. I said it was required. My point was that if you don't have resource access control correct, adding an exit point product doesn't fix the problem either. Neither did I say exit point programs were irrelevant. The way to control who can get to your mission critical data starts with resource access control. It is a necessary condition. It is arguable whether it is sufficient or not. But you must satisfy this condition, or you don't have reliable access control. IBM has preached that for years; even when green screen was dominant. Lets say I was a prison warden, and I installed a vendor product to open and shut doors. Then I found out it didn't work unless it left the doors unlocked. Is it just the vendor's fault? Or am I at least partly to blame for installing something that affected security but I didn't know it? By the way, I still think it is easier to get resource access control right on OS/400 than on other platforms. And IBMis working on some of things you complained about which we actually control. Patrick Botz
This mailing list archive is Copyright 1997-2026 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
