×

Good News Everybody!

The new search engine is LIVE!

Please report any problems to david (at) midrange.com.



  1.  Home
  2. MIDRANGE-L
  3. October 2018

Use of adopted profiles

Is there a document that describes how the adopted authority works and
maybe best practices? I am reviewing a project to lock the system down and
it has been a long time since I last set up a highly secure system.

My plan is to
- revoke all authorities from user libraries, objects and the IFS.
- Grant authority to a group profile.
- The group profile will own all objects.
- Users will have none or limited authority directly.
- When users signon to the menu, the menu program will grant authority
whilst using the job. When they sign off, they will have no authority.

Objective:
- Prevent unauthorized access to the system
- There are users on multiple systems accessing this system and its wide
open. - Plan to grant authority to objects only where required example read
rights to file where a remote system needs to access files to retrieve data
and so on.

The same will apply to the IFS.

What are the best practices today? I know some folk don't like this
approach but it is one of the cleanest and easiest approaches to implement
and maintain.

TIA

Darryl Freinkel

This thread ...
Follow-Ups:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2026 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.