|
The ideal way is to forget trying to lock the shitload of commands, (and access points like FTP) that can be used to manipulate data. Instead, secure the data and then make all access be via programs that adopt authority. However if you want to appease the auditors (who don't give a rip about effectiveness but just work from a standard audit script) then you could secure the command STRDFU. WRKOBJ STRDFU I'd suggest using an authorization list. That way you can secure the gamut of these commands with one thing. When you need to open it up for one more person, you just need to modify the authorization list and not all the objects in question. See also: UPDDTA, CHGDTA, etc Rob Berendt
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
