unfortunately lots of new Linux-server VM systems are being run off that
initial starter system. They deserve the most secure starter system that
IBM can give them.
/Tom Kern
[EMAIL PROTECTED] wrote:
Isn't that a bit of an overkill for a starter system??
*Thomas Kern <[EMAIL PROTECTED]>*
Sent by: The IBM z/VM Operating System <IBMVM@LISTSERV.UARK.EDU>
10/09/2007 10:00 AM
Please respond to
The IBM z/VM Operating System <IBMVM@LISTSERV.UARK.EDU>
To
IBMVM@LISTSERV.UARK.EDU
cc
Subject
Initial User Directory ( was: hacking vm/cms (probably old news))
I would like it to go a step further, like with some linux installations
that ask for a root password and another userid to be added. I like
having ALL system related userids be AUTOONLY, LBYONLY, NOLOG or have a
randomly generated password. All userids that need to actually need to
be logged onto must have a LOGONBY record authorizing that initial
sysprog userid. After that initial setup, it isn't hard to replace the
passwords for those users that need to logged on. No one ever really
needs the password to those accounts if properly LOGONBY authorized.
That random password could be randomized daily, until you can properly
divide all accounts into the proper AUTOONLY, LBYONLY, NOLOG or personal
password categories.
/Tom Kern
/301-903-2211
Nick Laflamme wrote:
> Robert Nix wrote:
>> Hi Alan;
>>
>> Given that the starting CP Directory is dynamically created, for the
most
>> part, today, how hard would it be to allow the installer to select a
>> "root
>> password" to be applied to all of the initial accounts?
>>
>
> I'll go one step further: how about a default of all userids except
> MAINT, OPERATOR, and CMSUSER (does that still ship on fresh system?)
> being LBYONLY, defaulting to MAINT as the user who can do LOGONBY.
> Anyone who wants a different LOGONBY user (or additional users) should
> know which trivial XEDIT command will change that.
>
> Nick
>
