On Sat, Sep 12, 2015 at 6:10 PM Steinmetz, Paul <PSteinmetz@xxxxxxxxxx>
wrote:

Do a WRKOBJ, for both CHGPWD and WRKSYSACT, then 5=Display authority
Confirm the authorities for both commands.


It was more a question of why is the the default behavior. It seems I was
wrong about changing the password, its was tied to the particular screen I
found. But I'll use WRKOBJ to examine commands in the future to
understanding the permission hierarchy.

Thanks.

Justin


-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of
Justin Dearing
Sent: Friday, September 11, 2015 11:38 PM
To: Midrange Systems Technical Discussion
Subject: Why can't a member of QPGMR change their password or run
WRKSYSACT?

I guess this is a little bit philosophical.

So I have a client that gave me greenscreen access. I have greenscreen and
PASE access. I can start and stop mysql, I can run wrkactjob. I can ssh
into PASE and do my unix things. I'm not qsysopr, qsecopr, or anything like
that.

I can't change my user profile password. This seems to be the default way
of things according to google. That makes no sense to me. On windows,
linux, most RDBMSes I use, and most web apps, one can change their own
password, and is encouraged to weekly. What is rhe wisdom in not letting a
programmer change his own password?

Secondly, and this is actually no surprise to me since I learned this when
I was an operator circa 2003, why can't a programmer run WRKSYSACT? Its the
equivalent of taskmanager on windows or top on linux. I know its a little
bit of a heavier command (and I'm ignorant of OS/400 internals to
understand why, but I accept it). However, I have access to wrkactjob, so I
could write a program that does what wrksysact does, but more
inefficiently. Also, I could tie up the CPU through other methods as well.

So why?

Justin
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe,
unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a
moment to review the archives at http://archive.midrange.com/midrange-l.

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.



This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2019 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].