
RUN command is issued in which the file name is not fully qualified, which is
the common practice.
RISK SUPER Group members should not be able to alter their TACLCSTM
files. They could put destructive commands in the file that will execute prior to
TACL’s first prompt.
NOTE: If a macro is executed within a TACLCSTM, the macro file must also
be secured so that only authorized users can
WRITE or PURGE it. Otherwise,
someone could rename it and then install another file with the same name or
simply insert commands that execute a Trojan horse program by invoking the
macro via the TACLCSTM file.
Sharing TACLCSTM Files
It is sometimes desirable to share macros ...