× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



Rob

But by canonization you could do
/qsys.lib/mylib.lib/myfile.file/mymbr.mbr/../../payroll.file/payroll.mbr
and get to what you need.


As someone else already mentioned their Exit point pgm had that vulnerability and I just checked mine. Hmmmmm.

Because, if the exit point followed my poor technique of just checking the left to match with what they are authorized to - they're toast.


Glad to hear I'm not the only one using 'poor technique'.....

Rob Berendt


I agree with the rest of your post as well. A LARGE majority of shops I visit have this issue with security. It needs to be addressed one way or the other and properly written exit programs are generally an easier implementation than a security overhaul for large applications. This is especially true when there are more than one or when they came from the vendor with poor security built in. (Jack Henry any one??? Oh but that's just a banking app, no sweat)

- Larry

--
Larry Bolhuis IBM eServer Certified Systems Expert:
Vice President iSeries Technical Solutions V5R3
Arbor Solutions, Inc. iSeries LPAR Technical Solutions V5R3
1345 Monroe NW Suite 259 iSeries Linux Technical Solutions V5R3
Grand Rapids, MI 49505 iSeries Windows Integration Technical Solutions V5R3
IBM eServer Certified Systems Specialist
(616) 451-2500 iSeries System Administrator for OS/400 V5R3
(616) 451-2571 - Fax AS/400 RPG IV Developer
(616) 260-4746 - Cell iSeries System Command Operations V5R2

If you can read this, thank a teacher....and since it's in English, thank a soldier.



As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.