Be careful about changing this arrangement. In the case of non-file objects, public authority cannot be *EXCLUDE if they are to work. Output queues, for example, need public *CHANGE authority to function.
Consider changing the default on the CRTLIB command to public authority of *EXCLUDE and then selectively authorize users to the library, possibly through group profiles. Also take a look at authorization lists to secure individual objects in the library.
Thanks for everyone's input so far. One of the things that I would like toimplement is have everything be *PUBLIC *EXCLUDE as the default. I know this may cause more work on my end as I need to modify authorities for specific objects, but it also keeps me from having to wonder if I should have locked something down.So my question.... How do I change it so newly created objects are *PUBLIC*EXCLUDE?Thanks,Aaron Bartell http://mowyourlawn.com
amazon.com ads help fund midrange.com operations