× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.




Lets say the USERS user profile is FREDBLOGGS
The object owners user profile is ONEANDONLY
Then as far as the library authority is concerned
FREDBLOGGS is *EXCLUDE
ONEANDONLY is *USE

Then change the owner of the program to be ONEANDONLY
Then change the program to run under owner adopted authority



Alan Shore
Programmer/Analyst, Direct Response
E:AShore@xxxxxxxx
P:(631) 200-5019
C:(631) 880-8640
"If you're going through Hell, keep going" - Winston Churchill



George Lopez
<georgerl@worldpa
c.com> To
Sent by: RPG programming on the IBM i /
rpg400-l-bounces@ System i <rpg400-l@xxxxxxxxxxxx>
midrange.com cc
rpg400-l-bounces@xxxxxxxxxxxx
Subject
04/27/2010 02:21 Re: Edit Object Authority for
PM Library, Program, File and
User Security.....

Please respond to
RPG programming
on the IBM i /
System i
<rpg400-l@midrang
e.com>






What do you mean by "users user profile to be *EXCLUDE"? Do you mean
each file object in the library to *EXCLUDE? How about the addlible
command failing? Thanks

Alan Shore wrote:
Hi George
Its been a while, but here gores
The owner of the program needs to be different than the user wanting to
run
the program
Then EDTOBJAUT on the library for the OWNER of the program to have *USE,
and the users user profile to be *EXCLUDE
Then change the CL program to run under owner adopted authority
This is where you will have to forgive me as its been too long since I
was
involved in this , but this is definitely the direction you need to go in
When I used to do this, (for a bank) one of the things that the auditors
forbid me to do was use any of the IBM supplied profile (QPGMR etc) to be
the owner of any programs


Alan Shore
Programmer/Analyst, Direct Response
E:AShore@xxxxxxxx
P:(631) 200-5019
C:(631) 880-8640
"If you're going through Hell, keep going" - Winston Churchill




George Lopez

<georgerl@worldpa

c.com>
To
Sent by: rpg400-l@xxxxxxxxxxxx

rpg400-l-bounces@
cc
midrange.com


Subject
Edit Object Authority for Library,

04/27/2010 01:57 Program, File and User

PM Security.....





Please respond to

RPG programming

on the IBM i /

System i

<rpg400-l@midrang

e.com>









I want a particular user to use the file in a program(CL/RPG) but not be
able to view all the files in a library outside of a program. I did the
below but it does not work.

1). I did EDTOBJAUT for a library and for a user to *EXCLUDE so this
user can not view these files. But I want the programs(CL/RPG) the user
uses to be able to read/write/update the file.

2). I changed the user's initial sign on CL to USRPRF(*OWNER). But when
this user signs on the user gets the below error for *EXCLUDE....

Not authorized to library xxxx01
Not authorized to library xxxx02

3). If I use object authority to *USE then this user can view the
file(s) in these libraries using iSeries Data transfer, FTP or some
other utility which I do not want to happened.

--
This is the RPG programming on the IBM i / System i (RPG400-L) mailing
list
To post a message email: RPG400-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/rpg400-l
or email: RPG400-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/rpg400-l.




--
This is the RPG programming on the IBM i / System i (RPG400-L) mailing list
To post a message email: RPG400-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/rpg400-l
or email: RPG400-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/rpg400-l.


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.