Be careful about changing this arrangement. In the case of non-file objects, public authority cannot be *EXCLUDE if they are to work. Output queues, for example, need public *CHANGE authority to function.
Consider changing the default on the CRTLIB command to public authority of *EXCLUDE and then selectively authorize users to the library, possibly through group profiles. Also take a look at authorization lists to secure individual objects in the library.
Thanks for everyone's input so far. One of the things that I would like toimplement is have everything be *PUBLIC *EXCLUDE as the default. I know this may cause more work on my end as I need to modify authorities for specific objects, but it also keeps me from having to wonder if I should have locked something down.So my question.... How do I change it so newly created objects are *PUBLIC*EXCLUDE?Thanks,Aaron Bartell http://mowyourlawn.com
This mailing list archive is Copyright 1997-2013 by MIDRANGE dot COM and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available here. If you have questions about this, please contact