On Tuesday, 02/05/2008 at 05:38 EST, Ivan Warren <[EMAIL PROTECTED]> wrote: > For a properly privileged user, examining someone else's memory isn't > that difficult if I remember correctly..
Yes, but that's not at issue. It is a given that a privileged user can do extraordinary things. Since no general user has more than class G, memory and spool are protected. With the ability to put CP commands in the directory, Rob's "less than class G" solutions become far more interesting. E.g. I can take away the SET SECUSER, SET OBSERVER, SPOOL and MESSAGE commands and the ADRSPACE diagnose, as well as limit IUCV activity. Alan Altmark z/VM Development IBM Endicott ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
