I think you have a valid concern. The 'Security on z/VM' redbook
suggests to use 'logon by' for MAINT to avoid a) giving out it's
password and 2) the possibility of it's password being revoked due to
people possibly forgetting it. A sensible solution.
Leland Lucius wrote:
Being new to this RACF on VM thing, I'm a little paranoid about how the
MAINT user should be handled in relation to things like password policies.
Mind you, we don't use MAINT all that often, but I'd hate to get myself
in a position where I needed it and was unable to use it because the
password was revoked or something similar.
How do y'all handle MAINT with RACF. Is it really a major concern or am
I just being a fraidy cat?
Leland
--
Rich Smrcina
VM Assist, Inc.
Phone: 414-491-6001
Ans Service: 360-715-2467
rich.smrcina at vmassist.com
http://www.linkedin.com/in/richsmrcina
Catch the WAVV! http://www.wavv.org
WAVV 2009 - Orlando, FL - May 15-19, 2009