Wanda Prather wrote:
> The problem is that ANY admin id can run QUERIES against the ADSM data base.
>
> That opens up 1 availability issue and 1 real security hole, in my opinion:
>
> 1) An ill-advised SQL query issued by can bring the ADSM server to its
> knees, and
[Discussion of real security hole deleted]

I think the availibity issue is worse than that. In my experience, the phrase
"bring ... to its knees" usually refers to serious performance degradation. I
recently discovered that some SQL queries involving joins can bring all useful
activity on our MVS ADSM server to a standstill until the server task is
cancelled and restarted. Cancellation is an extremely nerve-wracking way of
ending a task with a database. It is pretty much the MVS counterpart of the
Unix command 'kill -9 ...'.