Some of my people here were in the habit of always submitting certain jobs 
under user profiles with *ALLOBJ.  Really frustrated them when we 
installed a certain release of OS years back and they could no longer look 
at the job log if they didn't have *ALLOBJ authority themselves.  I 
figured out how to turn this off so they could still look at these 
joblogs.  It's under the host part of application administration under 
iSeries Navigator.

Honestly I am a little reluctant to do so.  They've finally started 
cleaning up the process (getting their authorization lists right, not 
submitting the jobs under an *ALLOBJ kind of person, etc.) and I hate to 
derail that train.

I never figured out what the big security breach was to look at the joblog 
of a job running under a user with *ALLOBJ.  Is there any valid concern?

Rob Berendt
-- 
Group Dekko Services, LLC
Dept 01.073
PO Box 2000
Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2022 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.