|
Frank, I tend to agree with this. I originally wanted to setup some offsite PGMR's with their own Group ( im at level 40 ), but then i started getting issues like they didnt have permission to the debugger, and others that seemed dumb. Started to get a bit of A PAIN and too hard. Making their grp QPGMR fixed it, but i would have liked to go my original way. BUT without obvious pointers, i havnt got a lot of time to spend on it. Im settling on your method ( i think..). Ian. -----Original Message----- From: Frank.Kolmann@revlon.com [mailto:Frank.Kolmann@revlon.com] Sent: Thursday, 20 December 2001 11:14 To: midrange-l@midrange.com Subject: IBM supplied QPGMR (was Modify SYSVAL QSYSLIBL) I would suggest that most AS400 shops use the QPGMR profile for programmer access. Tailoring user profiles to specific jobs seems to be a headache. I suppose some people do this, but not many. We use AS400 security to keep programmers out of production databases (program and data) but I suggest a a lot of shops do not even do that much. Is it asking too much for examples of which QPGMR authorities should be revoked. As a complete aside I was wondering what Walden was on about re. SEPT. This is the first I heard about SEPT. Seems to me that accessing system programs via SEPT completely bypass AS400 security checking. I am probably wrong. Frank Kolmann
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
