× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. December 2002

Re: DDMF

This is a multipart message in MIME format.
--
[ Picked text/plain from multipart/alternative ]
There are a few questions there, some are related.  :-)
To delete the file, you need to have access to it.  Therefore you need to
signon with enough authority to delete it.  Anyone with *ALLOBJ.  If you
can't get the Gods there to allow you to do that, or to delete the file
themselves, then one common hack is to create a one line CL program that
only contains
CALL QCMD
Then run CHGPGM ... USRPRF(*OWNER)
Tell them, (when they're really busy) that you need this program owned by
QSECOFR.
This program will let you pretty much run free and loose on the machine.
Had a vendor installed program which did this.  The vendor liked to talk
the users through stuff without messing with the security folks.  Being
the security folks here, this kind of vexed me.

Now, I'll get a howling mass of screams that I shouldn't point out this
breach, but, look at it this way, how many of you take the time to review
the programs that are owned by QSECOFR?  Consider this a call to
diligence.

Now, will deleting this file prevent anyone from accessing the other
machine?  Gosh no.  Any moron can build a DDM file.  Then there is the
directory QFileSvr.400, FTP, telnet, STRPASTHR, sockets, etc.  Controlling
all this will require a balance.  A good start might be with exit points.
See also:
http://faq.midrange.com/data/cache/198.html

Rob Berendt
--
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
Benjamin Franklin




"Albino Sousa" <ASousa@Auto-Sueco.PT>
Sent by: midrange-l-admin@midrange.com
12/23/2002 06:23 AM
Please respond to midrange-l

        To:     <midrange-l@midrange.com>
        cc:
        Fax to:
        Subject:        DDMF


This is a multi-part message in MIME format.
--
[ Picked text/plain from multipart/alternative ]
I have this situation:
Two as400. One pgm in first machine with DDMF, which points to 2. AS400.
Now I need to destroy the DDMF in first machine, but I have not access
to it, the user profile was deleted in the first machine.
How can I denie that users from 1.AS400 can read or use  records from
2.AS400. Is there anything I can do?
TIA
Merry Xmas
Sousa


_______________________________________________
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
To post a message email: MIDRANGE-L@midrange.com
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l
or email: MIDRANGE-L-request@midrange.com
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.