Date: Wed, 19 Nov 1997 11:59:31 -0800
Hi,

> no can do...we can sign on using parm=-1 with a user that has sm and it
> DOES ignore the udcs. we are on MPE 5.5

Then don't do that.

Seriously, I contend that the "problem" with PARM=-1 logons is seriously
overblown, and (at worst) reflects other problems (e.g., too many people
with SM capability).

Only users with SM can logon with PARM=-1 (and thereby bypass logon UDCs).

Does the above sentence indicate a security hole?

Yes...
but...NOT the "can logon" part ... the hole is the plural "users".

There should be one user with SM. That user should have a good password,
changed frequently. That user should be trusted.

Given that, there's no reason to ban "PARM=-1" for that user ...
and an excellent reason to allow it!

I've been asked to perform emergency support on remote sites ...
and a couple of times I've been unable to logon due to @#$%^ logon UDCs.
In all but one case, I've been able to get logged on by asking for
permission to logon as MANAGER.SYS *and* using PARM=-1. (That one case:
they had disabled PARM=-1 ... they were S.O.L.)

I've said it before: if you disable logon via PARM=-1, don't bother
asking me for emergency help!

Although I know some people disagree with me, my analogy is that of
a car: disabling PARM=-1 is similar to getting in the car, locking the
door, and welding the door shut. You're very secure ... but only in
a limited sense. When the car catches on fire, you're toast.

--
Stan Sieler
http://www.allegro.com/sieler.html