Threats and Exposures › Authorized Programs
Authorized Programs
Any program that resides in an APF‑authorized library is a potential threat. A program must be designed to defeat security, merely being authorized does not negate security.
Take the following precautions:
- Audit use of APF‑authorized libraries
- Audit programs from APF‑authorized libraries
- Examine the source and object code of programs within the APF libraries
- Perform an APF audit with TSSAUDIT
- Control APF authorizations with ABSTRACT(AC1)
- Deny APF-authorized libraries update access.
Copyright © 2010 CA Technologies.
All rights reserved.
|
|