On Thursday, 09/17/2009 at 01:22 EDT, "Schuh, Richard" <rsc...@visa.com> wrote: > An IPL isn't an action? True, the guest was not aware that it would harm the > system, but absent that action by the guest, there would not have been a
> problem. The guest was an unwitting agent, a part of a bot net, as it were. The case where the administrator loads the chamber and the user pulls the trigger to cause an outage is, admittedly, near a line between "normal defect" and "integrity defect". Who, exactly, caused the problem? I can't blame the user - they just logged on with no opportunity (or responsibility!) to review their directory prior to login (how?). This particular problem must be laid at the feet of the sysadmin with all due ceremony, along with any other administrative snafu. But I assert that even that is a red herring. The central issue is not who chambered the weapon or who pulled the trigger. Rather, it is an issue centered on how much shielding is or should be present to mitigate mistakes or errors in judgement by the sysadmins, and, to some extent, from CP's own attempts to make you happy. We recognize that CP must be more forgiving and we are working to that end, examining a variety of solutions that include inertial dampening, tritanium plating, Kevlar(R), stacks of phone books, as well as taking the gun away from you and beating you over the head with it (aka "the retaliatory baseball bat subroutine"). The bottom line is that none of us want the system to go out to lunch. That doesn't serve anyone's purposes. If it happens, get a restart dump and let us know. Sometimes it's *not* your fault. Really! :-) Alan Altmark z/VM Development IBM Endicott