|
On 22 Apr 2004 at 13:07, John Earl wrote: > First rule - any user with *SPLCTL special authority can get to every > spooled report in every out queue. Game over. If you don't want > someone to see a report make sure that they don't have *SPLCTL. No prob. All users have no special authorities and are set to lmtcpb *yes. > > Second Rule - A user with *ALLOBJ special authority can achieve *SPLCTL > Special Authority in two seconds. See rule 1. No prob. We trust the people that have *allobj. > > Third Rule - A user with *JOBCTL special authority can get to any spool > file in any out queue where the out queue is defined as OPRCTL(*YES). > The purpose of the OPRCTL(*YES) parameter is to allow system operators > who have *JOBCTL Special Authority to bypass the object and out queue > authorities. If you don't want someone to see what's in an out queue, > make sure that either A) they don't have *JOBCTL and/or B) the out queue > is defined as OPRCTL(*NO) See above 2 replies. > > Whew! There is more, but go grab the Security Reference Guide and I > think you can muscle through it from there. I'll sure take a look. But from what you say, my security concept should work for our standard users. Thanks, Oliver
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
