On Thu, 11 Jun 2015 16:16:49 -0400, Ed Finnell <efinnel...@aol.com> wrote:
>Several of the 3270 emulators had a user option for transfer mechanism >IND$FILE or FTP. Some had better implementations that others. And the OP should be aware that it is theoretically possible for a TSO user to write his own program (or acquire one elsewhere) that will do data transfers via the 3270 data stream, or even to make a copy of IND$FILE and change its name to something else if that name is being specifically monitored. Also, monitoring IND$FILE won't stop other mechanisms such as those based on screen printing, or TCP/IP communication protocols. People asking for such monitoring often, in my experience, do not realize the other possibilities for data communication. Really, what they should do is completely prevent the user from reading the sensitive data. If you let a user READ the data and give him access to a TSO or a UNIX session, then you should assume that he will be able to transport it elsewhere without your knowledge. If you don't want him to be able to do that, you shouldn't let him read the data. Monitoring certain easy to use transport mechanisms is OK, but it will not catch all the other mechanisms you haven't thought about. -- Walt ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN