|
> -----Ursprüngliche Nachricht----- > Von: midrange-l-bounces@xxxxxxxxxxxx > [mailto:midrange-l-bounces@xxxxxxxxxxxx] Im Auftrag von Ed Fishel > Gesendet: Freitag, 13. Mai 2005 18:40 > An: Midrange Systems Technical Discussion > Betreff: Re: outqueue - data authority > > Mihael Knezevic wrote on 05/12/2005 03:24:55 AM: > > > i got a little problem understanding the keyword AUTCHK of > an outqueue. > > > > my understanding is that if i put *DTAAUT in AUTCHK then > the user with > the > > *R(ead) data authority can read any spool from any user in that > > specific outqueue. > > > > i checked the data authority on the outqueue with: > > > > DSPAUT OBJ('/QSYS.LIB/QGPL.LIB/TESTOUTQ.OUTQ') > > > > and got: > > > > <snip> > > TESTMK *RX > > </snip> > > > > so the user TESTMK has the data authority read and execute. > should be > enough > > for reading a spool file, or not? > > > > but the user can't read a spool file that is not his own in that > > outqueue. can anybody explain this to me? > > >From Appendix D of the Security Reference manual, my > understanding is > >that > when DSPDTA is *NO and AUTCHK is *DTAAUT then a user without > *SPLCTL special authority will need *READ, plus *ADD plus > *DLT authority to the output queue to display some other > users spooled files. hmm. i thought *SPLCTL will give u full control over the outqueue. in conjuction with AUTCHK *SPLCTL was never mentioned. can u point me to a link to a document which refers to this? > There are other ways they can be > authorized to display the spooled files such as when OPRCTL > is *YES and they have *JOBCTL special authority, or when > DSPDTA is *YES and they have *READ authority to the output > queue, or when AUTCHK is *OWNER and they are the owner of the > output queue. > > Ed Fishel, > edfishel@xxxxxxxxxx > > > -- > This is the Midrange Systems Technical Discussion > (MIDRANGE-L) mailing list To post a message email: > MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change > list options, > visit: http://lists.midrange.com/mailman/listinfo/midrange-l > or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, > please take a moment to review the archives at > http://archive.midrange.com/midrange-l. > >
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.