> message: 8
> date: Fri, 23 May 2003 13:24:25 -0500
> from: "Burns, Bryan" <burnsbm@xxxxxxxxxxxxxxxxxxxx>
> subject: RE: Buying an Exit point program
> 
> 
> What great benefits could we expect at level 40?

Just finished reading through the V5 Security Reference.  To summarize:

- No direct calls to system programs not documented as interfaces.  The only
problem this caused us was an undocumented call to a group job command.

- If a job description has a value for the User field, the person submitting
the job must be authorized to both the jobd and the usrprf.  At level 30,
the user only needs *USE for the jobd.

- At level 40 it is impossible to sign on without a user id and password.
Some subsystem descriptions could allow signon without those at level 30.

- At level 40 it is harder to modify system information directly (through
MI).

Pages 18-19 of the Security Reference will walk you through setting up the
necessary auditing to detect problems in moving to level 40.



As an Amazon Associate we earn from qualifying purchases.

This thread ...


Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.