Sorry, man, but that does not seem even close to relevant. You just threw in a tangent! But you have groups on i as well.

My point is, the ability to muck directly with components of data files is a special privilege not available to any normal OS user - that is not the case with anythign on Windows - any OS user can mess with any file if they have full authority - SQL SErver files are not protected from this, anyone who is part of Administrator group can open anything in TextPad and play to their heart's content.

Not so for even someone with *SECOFR on the iSeries - you canNOT open a PF object in Textpad or whatever and modify its contents that way. It requires back end tools intended only for service personnel - whether IBM or your own.

I think we are talking in different realms here.


-------------- Original message --------------
From: "Lukas Beeler" <lukas.beeler@xxxxxxxxxxxxxxxx>

On Thu, Jul 17, 2008 at 5:44 PM, wrote:
In other words, the same security system as regular Windows, controls access
to the underlying files. On i you need to be enrolled in a completely separate
security system.

I don't see how this makes a difference. Windows uses a different
model to delegate permissions (based on group membership). It is
better suited for the multiple-machines scenario. The i uses a
different scheme, built upon the assumption that there is only a
single or very few machines.

Read my blog at
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives

This thread ...


Return to Archive home page | Return to MIDRANGE.COM home page