Not necessarily, there is LOGONBY. They need only know their own passwords.
Should anyone have full authority including all the passwords? If so, who? Regards, Richard Schuh > -----Original Message----- > From: The IBM z/VM Operating System > [mailto:ib...@listserv.uark.edu] On Behalf Of Alan Altmark > Sent: Wednesday, December 08, 2010 8:32 PM > To: IBMVM@LISTSERV.UARK.EDU > Subject: Re: Vswitch Grant as a CMD in User's Directory? > > On Wednesday, 12/08/2010 at 03:11 EST, RPN01 > <nix.rob...@mayo.edu> wrote: > > But, should you have to have an external security manager > for a system > where > > the majority of users are disconnected guest operating systems? > > Yes. > > > Most of > > today's z/VM systems have a bare minimum of real human users. CP is > > the security manager for us, and it's sufficient to control the wild > ramblings > > of, oh, say, the four people who need access. > > Those four people know all the passwords. There is no > accountability and no plausible deniability. You have de > facto password sharing, something I have yet to see > countenanced by any IT organization.
