I consider APF to be one of the worst exposures because it gives you keys to the system and allows you to hide your tracks.
APF has the least obscure protection and many people know about these exposures. You trust that software vendors don't create an exposure. You limit access to APF libraries. You limit when they can update it. You trust that anyone who does have access doesn't abuse it and always researches possible exposures when changing these libraries. You trust that their terminals are locked when they go to lunch or leave their desk. You trust that they haven't exposed you in ways you did not consider (e.g. from home). You trust they will be suspicious when someone calls saying they are one of your software vendors. Jon Perryman. >________________________________ > From: Tom Marchant <m42tom-ibmm...@yahoo.com> > > > >On Sun, 8 Sep 2013 20:37:14 -0700, Jon Perryman wrote: >>you can't be 100% secure (we still have APF). > >I don't understand the point you are trying to make with your parenthetical >statement. >Do you think that APF puts an upper limit on security? Why? > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN