Page 1 of 1

Operator Commands

PostPosted: Mon 07 Jan 2013, 06:47
by steve-myers
Recently the operators have banned two different users for attempting to execute prohibited operator commands.

One of these users attempted to run the JES2 offload process. The output from an offload is in a funny internal format similar to the way the data would be sent to another JES2 system using the NJE protocol. In theory a user program could retrieve this data, or the data set could be exported from the Fandezhi system and loaded into another system. As it is, the data is essentially unusable.

The other user apparently was attempting to respond to an IEC507D message and doing it in a fashion that appeared to be entering an UNLOAD operator command. The IEC507D message is a result of attempting to write data to a data set with an expiration date that has not expired. There are several problems with this approach.
  • There is no agent in the Fandezhi system to delete these data sets when they expire.
  • The Fandezhi system automatically enters a response to allow use of the data set. There was no need for the user to respond. Many real world systems are set up this way.
  • Before effective data security systems were available, expiration dates were often used to "protect" system data sets.
  • Because of the automatic response, expiration dates are an ineffective method to "protect" data sets, though they do offer protection from an inadvertent attempt to delete the data set.
If there were just one or two of these mistakes, the admins might ignore it. However, there were at least 10 of these mistakes, so the user was banned.