• Subject: Re: Command Line Access
  • From: Ata510@xxxxxxx
  • Date: Tue, 20 Jul 1999 22:36:47 EDT

In a message dated 7/20/99 3:18:31 PM Central Daylight Time, 
jonleroi@napanet.net writes:

> Command Line Access via BPCS is not something I would want to give to
>  Users. When you have command line access through BPCS you are executing at
>  the SSA group level; the adopted authority. On our machine that is almost
>  as powerful as QSECOFR. The AS/400 is such a friendly machine that a user
>  can prompt to their hearts desire and locate all sorts of interesting
>  commands such as DLTF, PWRDWNSYS, CHGSYSVAL .... 
>  
Most sites would do well to keep user 'SSA' with only normal OS/400 authority 
(*USER) and no way to sign on via this profile by making the password *NONE. 
That is the way the release is shipped.

If you need a 'super user' in BPCS, why not instead make it the BPCS security 
officer, and also give that user *SECOFR type authorities, instead of giving 
this authority to the 'SSA' user profile who also happens to own every object 
in BPCS? It is too dangerous, because as you say, every BPCS user adopts this 
authority (if you use the shipped BPCS set-up and don't change things around).

+---
| This is the BPCS Users Mailing List!
| To submit a new message, send your mail to BPCS-L@midrange.com.
| To subscribe to this list send email to BPCS-L-SUB@midrange.com.
| To unsubscribe from this list send email to BPCS-L-UNSUB@midrange.com.
| Questions should be directed to the list owner: dasmussen@aol.com
+---


This thread ...


Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2019 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available here. If you have questions about this, please contact [javascript protected email address].