On Sun, 4 Apr 2010 18:03:50 +0000, Ted MacNEIL wrote: >>I'd be very hesitant about giving away something that might enable >>"destructive influences" to further their aims. > >It's a damned if you do/don't. >I thank IBM for closing a hole. >But, without knowing anything about what the exposure is, how do we know how >to configure the security settings? > Did IBM close a hole, or merely provide a means of restricting its use?
Please, IBM, provide some guidelines for configuring the secuity settings. It must be more explicit than, e.g., "To allow programmers to perform RECIEVEs, permit them READ access to the RECEIVE class, ..." It must provide an explanation of the motivation for not simply permitting UACC(READ). If it's a blanket statement such as, "Use of any SMP/E function allows compromise of system integrity, therefore only highly trusted personnel should be permitted use of any SMP/E function," the hole is far from closed. -- gil ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html