Yikes, Should I be scared of this? Externalizing the password rules in REXX? Seems to make it too easy to "collect" passwords.
_________________________________________________________________ Dave Jousma Assistant Vice President, Mainframe Services david.jou...@53.com 1830 East Paris, Grand Rapids, MI 49546 MD RSCB1G p 616.653.8429 f 616.653.8497 -----Original Message----- From: IBM Mainframe Discussion List [mailto:ibm-m...@bama.ua.edu] On Behalf Of Walt Farrell Sent: Friday, March 06, 2009 7:58 AM To: IBM-MAIN@bama.ua.edu Subject: Re: RACF password & id checking On Fri, 6 Mar 2009 12:17:49 +0800, Tommy Tsui <tommyt...@gmail.com> wrote: > Is there any RACF password rule that can validate the password >cannot be a part of USERID? or only write a user exit to implement it? You would probably need an exit to do that. You can find a sample exit on the RACF downloads page (http://www-03.ibm.com/servers/eserver/zseries/zos/racf/goodies.html ) that should simplify that. See REXXPWEXIT. It works on z/OS R10 and later, and provides an ICHPWX01 exit that invokes a REXX exec via System REXX, and a sample REXX exec that you can tailor easily. -- Walt Farrell, CISSP IBM STSM, z/OS Security Design This e-mail transmission contains information that is confidential and may be privileged. It is intended only for the addressee(s) named above. If you receive this e-mail in error, please do not read, copy or disseminate it in any manner. If you are not the intended recipient, any disclosure, copying, distribution or use of the contents of this information is prohibited. Please reply to the message immediately by informing the sender that the message was misdirected. After replying, please erase it from your computer system. Your assistance in correcting this error is appreciated. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
