Some of my people here were in the habit of always submitting certain jobs 
under user profiles with *ALLOBJ.  Really frustrated them when we 
installed a certain release of OS years back and they could no longer look 
at the job log if they didn't have *ALLOBJ authority themselves.  I 
figured out how to turn this off so they could still look at these 
joblogs.  It's under the host part of application administration under 
iSeries Navigator.

Honestly I am a little reluctant to do so.  They've finally started 
cleaning up the process (getting their authorization lists right, not 
submitting the jobs under an *ALLOBJ kind of person, etc.) and I hate to 
derail that train.

I never figured out what the big security breach was to look at the joblog 
of a job running under a user with *ALLOBJ.  Is there any valid concern?

Rob Berendt
Group Dekko Services, LLC
Dept 01.073
PO Box 2000
Dock 108
6928N 400E
Kendallville, IN 46755

As an Amazon Associate we earn from qualifying purchases.

This thread ...


Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2022 by and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.