|
Steve, >>Does anyone know what QSYS program QCDEXTPT does? Occasionally, I will see in my audit journal where a user has adopted authority to this program which is owned by QSYS. This concerns me. From its' name, I presume that it is some kind of exit point program.<< It should not matter what QCDEXTPT does. Since this program is system domain and has *EXCLUDE public authority your users are not be able to call it. (You are running at security level 40 or 50 aren't you?) Also, it is not the case that your user has "adopted the authority to this program". Your user has invoked some function in OS/400 that is using the QCDEXTPT program. The AP (Adopted Authority) audit record is being written because a program needs to use adopted authority to access one or more objects that the user does not have authority to. You will not see AP audit records when someone with authority uses the same function. Even though a program adopts its owners authority that extra authority is only used when the job/thread calling the program does not have authority to the objects used by the program. The AP audit record indicates that the programs adopted authority was actually used. Ed Fishel, edfishel@US.IBM.COM
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.