I hope that they do not have the MAINT 191 R/W. I would hate to log on to MAINT and not get my own 191 R/W because some Linux guest already had it in write mode.
Regards, Richard Schuh > -----Original Message----- > From: The IBM z/VM Operating System > [mailto:IBMVM@LISTSERV.UARK.EDU] On Behalf Of Rob van der Heij > Sent: Friday, April 22, 2011 3:14 PM > To: IBMVM@LISTSERV.UARK.EDU > Subject: Re: 391 391 RR?RE: password_on_cmds feature > statement in CONFIG > > On Fri, Apr 22, 2011 at 11:24 PM, Schuh, Richard > <rsc...@visa.com> wrote: > > Might I ask a dumb question? > > > > If it is in the PROFILE EXEC, why not put it in the > directory entry? > > If it is there and is detached, it can be reacquired by the > command, > > "CP LINK * > > 391 391 RR" without having to enter a password. And without ever > > having to know that it is a disk defined in the MAINT entry. > > You're correct. I tried to avoid changes to the PROFILE EXEC > because I fear it will be on each of the servers and they may > have the 191 R/W (but we already discussed options to make > the guest detach that disk). > > One reason you find this kind of things in programs is when > the userid or mini disk address is determined by some > programmed logic. Mini disk passwords are a pain in that > situation and don't really provide any security because the > link is issued in the user virtual machine. One of my peers > was very proud of his program that scrambled the password in > the code (so you could not see it when you browse the > module). He was pretty shocked when I did a trace on the DIAG > 08 to see the password... :-) > > Rob >