I think once you have RACF installed all of the other sevurity problems you describe are solved.
-----Original Message----- From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] Behalf Of Lionel B. Dyck Sent: Wednesday, September 26, 2007 9:30 AM To: IBMVM@LISTSERV.UARK.EDU Subject: z/vm security advise requested To keep our auditors happy (assuming that is possible) to secure our z/vm (5.3) environment I am planning on doing the following. Note that our environment is purely in support of linux virtualized servers and the only cms users are the handful of sysprogs supporting z/vm. 1. installing both racf/vm and dirmaint 2. all linux virtual server guests will be defined with LBYONLY and a LOGONBY for the sysprogs 3. all system machines with the exception of Operator will also be defined with LBYONLY and LOGONBY for the sysprogs Does anyone see any issues/exposures with this approach. Thanks _____ Lionel B. Dyck, Consultant/Specialist Enterprise Platform Services, Mainframe Engineering KP-IT Enterprise Engineering, Client and Platform Engineering Services (CAPES) 925-926-5332 (8-473-5332) | E-Mail: <mailto:[EMAIL PROTECTED]> [EMAIL PROTECTED] AIM: lbdyck | Yahoo IM: lbdyck Kaiser Service Credo: "Our cause is health. Our passion is service. We're here to make lives better." "Never attribute to malice what can be caused by miscommunication." NOTICE TO RECIPIENT: If you are not the intended recipient of this e-mail, you are prohibited from sharing, copying, or otherwise using or disclosing its contents. If you have received this e-mail in error, please notify the sender immediately by reply e-mail and permanently delete this e-mail and any attachments without reading, forwarding or saving them. Thank you. _____ << ella for Spam Control >> has removed 13021 VSE-List messages and set aside 12385 VM-List for me You can use it too - and it's FREE! www.ellaforspam.com <http://www.ellaforspam.com>