|
> -----Original Message----- > From: Dan Bale [mailto:dbale@xxxxxxxxxxxxx] > Sent: Tuesday, August 10, 2004 9:04 AM > To: Midrange Systems Technical Discussion > Subject: RE: Any MAIL MANager (Generic Software Inc.) users out there? > > > > Or a security setting perhaps? Is there something that would > change how the > system creates the authority on the user msgq when the user profile is > created? > > Although, I have to wonder. If users' message queues are set to > *PUBLIC:*CHANGE, doesn't that mean that anyone can delete > messages from > someone else's message queue? That could not be a good thing. Correct, PUBLIC *CHANGE is too much. But PUBLIC *USE is probably not enough if the public will be sending messages to the queue. To send a message to it, PUBLIC needs *ADD authority to the data. But *USE only gives *READ and *EXEC. >From the info center in regards to securing QSYSOPR *MSGQ "Users require *CHANGE authority to respond to and delete messages in a message queue. Only system operators should have this authority." "Give the public *ADD authority, as shown on the sample display" > > > Actually, after I posted to the list yesterday, I finally > received a call > back from support on this problem. According to support, > MAIL_MANN uses > SNDPGMMSG, and the help on SNDPGMMSG does not show any of the > authority > requirements as SNDMSG. > > I created two new *USER test profiles, TEST1 & TEST2, with no special > authorities; user *MSGQ set to *PUBLIC:*USE. I signed on as > TEST1, and ran > this program: > > Pgm > SNDPGMMSG MSG('this is just a test') + > TOMSGQ(QUSRSYS/TEST2) > Endpgm > > It ran fine, and sent the message to TEST2. > > db > I'm surprised at this. It should not have worked if everything is configured as you say. You might want to double check everything. Perhaps the program used adopted authority? Charles
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.