× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. May 2005

CPYF / CRTDUPOBJ inconsistencies ???

I'm a little confused why the security requirement to use the CRTDUPOBJ
command requires "Object Management" rights while the CPYF CREATE(*YES)
command only requires *USE authority to the source object to accomplish the
same thing...

The HELP text for these two commands say.... 

CRTDUPOBJ - 

The user must have *USE authority (includes object operational
authority, read authority, and execute authority) and object  
management authority to the existing object.

Note:

Object management authority provides authority to specify    
security, to move or rename the object, and to add members if
the object is a database file.                               


CPYF - 

The user running this command must be authorized to add the
file to the to-file library, and must also have operational
authority to the Create Physical File (CRTPF) command.     


I believe that assigning Object Management rights to my production data
files gives my users too much access authority. For example they can MOVE
and/or RENAME the object!  

However, not giving them this authority makes it impossible for them to use
the CRTDUPOBJ command to copy an object into a test environment or into
library QTEMP as required by some of our production processes. 

The problem I have is that I want to limit authority to my production data
to *CHANGE for user profiles authorized to access production data via the
production application code. Outside of the application *PUBLIC would just
have *USE authority. I can't do this without breaking all the processes that
use CRTDUPOBJ....

Does anyone know why IBM requires Object Management rights to the "source"
data file object in order to copy it using CRTDUPOBJ yet NOT require it to
do the same thing using CPYF CREATE(*YES) ???

Kenneth

****************************************
Kenneth E. Graap
IBM Certified Specialist 
AS/400e Professional System Administrator
NW Natural (Gas Services)
keg@xxxxxxxxxxxxx
Phone: 503-226-4211 x5537
FAX:    603-849-0591
****************************************

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.