RE: Restrict User

There is a GREAT TAATOOL that addresses this issue..

PROLIB PROTECT LIBRARY TAALIDL
------ --------------- -------

The Protect Library tool helps prevent specified critical libraries
from an accidental use of CLRLIB or DLTLIB. The tool uses the system
provided command exit program technique. In addition to CLRLIB and
DLTLIB, the TAA Tools CLRLIB2 and DLTLIB2 are also protected. Not
even an *ALLOBJ user will be able to accidentally clear or delete a
protected library.

The 'Command Analyzer Retrieve Exit Program' function provided by the
system is designed to allow an exit program to occur before the
command is executed. The Protect Library (PROLIB) tool allows you to
identify the libraries that should be protected.

A different API that allows command changes is the 'Command Analyzer
Change Program'. This API has several restrictions such as not being
used when a command is library qualified. See the discussion with
the CMDEXIT TAA Tool. The 'Command Analyzer Retrieve Exit Program'
function does not have the same restrictions. The PROLIB tool will
protect a library regardless of how it is specified such as:

CLRLIB LIB(ABC)
CLRLIB ABC
QSYS/CLRLIB ABC
CALL QCMDEXC PARM('CLRLIB ABC' 10)

The protection also occurs for commands in CL programs. Note that a
RST command is not checked.

Reply or Forwarded mail from: Kenneth E Graap