|
> On Tue, 17 Oct 2000, Lynette Chronister wrote: > > I was wondering if anyone had any ideas of how to secure my payroll processor's spool files. Her reports and etc are accessible to others. > this is the "short" version. Make sure any users who are not authorized do not have special authority *splctl. It overrides object authority. It is the "qsecofr of spool files". change owner (chgobjown) of outq to payroll (could be group) change aut (grtobjaut or edtobjaut) to outq to exclude *Public & anyone else except payroll. chgoutq to oprctl *no and dspdta *owner remove *Splctl from anyone not authorized to payroll would recommend security audit on outq - will generate "AF" authority Failure if attempt to display spool. need strong object aut of payroll files (exclude *public) menu access control is not enough. I've seen mechanics figure out how to get a pc to view payroll files! See Tips & Tools for Securing Your AS400 (one of the best things IBM ever did) also "Implementing as/400 Security" by Wayne Madden & Carol Woodbury-great book and new version now out. Finally - say something to your Payroll software vendor for building outq's with public access!! jim +--- | This is the RPG/400 Mailing List! | To submit a new message, send your mail to RPG400-L@midrange.com. | To subscribe to this list send email to RPG400-L-SUB@midrange.com. | To unsubscribe from this list send email to RPG400-L-UNSUB@midrange.com. | Questions should be directed to the list owner/operator: david@midrange.com +---
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
