×
The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.
Although lack of authority to STRDBG gave no T-AF Authority Failure
audit entry due to use of CHKOBJ instead of an explicit attempt to use
the object and that the authority error CPF9802 was logged in the
joblog, that did not prevent my ability to use Visual Explain; it was a
simple SELECT * test. If however, my user did not have *JOBCTL special
authority, I could not perform the Visual Explain function, and that
logged a T-AF audit entry. This is because that authority is required
to perform a STRDBMON, which _is_ required for Visual Explain. I wonder
if debug being active, is required only for explaining CQE queries.? Or
perhaps the issue experienced is in regard only to the missing optimizer
messages, rather than a visual presentation.? My simple test was surely
going to the SQE.
FWiW the QSYS/STRDBG [hopefully it is properly coded as such] is
performed by an SQL CALL something.QCMDEXC; either the defined QSYS2
external procedure referencing QSYS/QCMDEXC, or directly to the *PGM
QSYS/QCMDEXC. Knowing that could enable intercepting the request; of
course replacing STRDBG with an effective Trojan Horse which is publicly
authorized, and that performs some logic to determine if the request
should be allowed, before either adopting to perform STRDBG or failing
with a /disallowed/ message.
BTW, if you were to find that *LIBL/STRDBG were being used instead of
either *SYSTEM/STRDBG or *NLVLIBL/STRDBG, then rather than trying to
take advantage of it [because that effect should be expected to be
changed/corrected], be sure to report it as a defect.
Regards, Chuck
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact
[javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.