IMHO, hardcoding QSYS is a GOOD thing. An "ordinary user" on your system might be able to create his own version of CRTPF on your system, and put it somewhere high in the library list (or even in *CURLIB). Lets say he made a version of CRTPF that simply ran a CL program that gave him *ALLOBJ authority, and then ran the normal CRTPF. When a QSECOFR or other *ALLOBJ account does a CRTPF, the untrustworthy user has just given himself *ALLOBJ authority. Remember that IBM sells AS/400's to people in many situations. Some of them are running timeshare services where complete strangers are given accounts. Or people from other companies... or other "untrusted" people. On Thu, 25 Jan 2001, Maarten Vries, de wrote: > Hi > > In our enviroment the QSYS/CRTPF has public *exclude and higher in the > librarylist another command with CRTPF has public *use. > > When we use FTP and issue a get and the file is not there the program > creates a PF, however it is trying to use the QSYS/CRTPF instead of the > other CRTPF that is higher in the system library list. > Can anyone tell me why IBM has chosen to hardcode the QSYS/CRTPF instead of > *LIBL/QSYS? > > Maarten > +--- | This is the Midrange System Mailing List! | To submit a new message, send your mail to MIDRANGE-L@midrange.com. | To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com. | To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com. | Questions should be directed to the list owner/operator: email@example.com +---
As an Amazon Associate we earn from qualifying purchases.
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.