RE: Security vs knowledge [was: RE: how to list LE options]
- From: tbabonas@xxxxxxxxxxxx (Anthony Saul Babonas)
- Date: 21 Jun 2007 11:55:38 -0700
In our organization any user who requests access to any resource has to
demonstrate a business need (not want) to the owner of the resource. The
owner of the resource is the final authority regarding the alleged business
need.
If the manager of the SYSPROG group says it's OK for a generic civilian to
browse SYS1.PARMLIB, we permit access. Our security group diligently avoids
the decision process.
-----Original Message-----
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@xxxxxxxxxxxx
Of R.S.
Sent: Thursday, June 21, 2007 1:43 PM
To: IBM-MAIN@xxxxxxxxxxx
Subject: Re: Security vs knowledge [was: RE: how to list LE options]
Ted MacNEIL wrote:
Because some fool of an auditor doesn't understand mainframes?
That's just BS IMHO. Fire the auditor for incompetence
An auditor doesn't set the rules.
They just report on compliance.
I still see no reason for a non-SYSPROG to have access to PARMLIB!
Assuming there is a reason, including curiosity and willingness to learn.
What would you do if a non-SYSPROG asked you about some member in the
PARMLIB? Deny the knowledge, just because you are God?
IMHO the more poorly tuned the parmlib, the stronger the will to hide the parmlib.
--
Radoslaw Skorupka
Lodz, Poland
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to listserv@xxxxxxxxxxx with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
----------------------------------------------------------------------