| -----Original Message-----
| From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED]
| Behalf Of Charles Mills
| Sent: Wednesday, January 04, 2006 2:39 PM
| To: IBM-MAIN@BAMA.UA.EDU
| Subject: NETRC and security -- am I missing something?
|
|
| I have never used a NETRC dataset. It looks to me that if
| one is to have
| one's users do so, one must have remote userids and
| passwords stored in a
| dataset that is protected only by whatever security happens
| to exist for the
| dataset that the user sets up. Am I missing something? Is
| there some reason
| that passwords stored in a NETRC dataset are not a huge
| security exposure?
|
| Charles Mills
Hi Charles,
We don't use per-user .netrc's but a site-wide one that is pointed to by
the proc(s). RACF program control / conditional access is used for this. Our
mainframe .netrc files are only accessable to programs like FTP, REXEC, RSH.
Hope this helps.
<*BobL*>
------------------------------------------------------------------------------
This e-mail transmission may contain information that is proprietary,
privileged and/or confidential and is intended exclusively for the person(s) to
whom it is addressed. Any use, copying, retention or disclosure by any person
other than the intended recipient or the intended recipient's designees is
strictly prohibited. If you are not the intended recipient or their designee,
please notify the sender immediately by return e-mail and delete all copies.
OppenheimerFunds may, at its sole discretion, monitor, review, retain and/or
disclose the content of all email communications.
==============================================================================
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
