× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. RPG400-L
  3. April 2005

Re: QsyParseCertificate working

Hi Sean,

I posted about parsing certificates from the telnet server quite a while back and hadn't gotten it working. I found out from IBM that the offset to the certificate was off by two . . . 
[SNIP]

One warning about that code that you posted... if the peAutoSignOn parameter is set to a '1', the program will allow ANYONE to sign on with ANY user profile (though, they have to use auto sign-on to do so, not the standard signon screen)

I recommend documenting this in your program so that when the next programmer looks at the code, he doesn't say "yes, I want to allow auto sign-on" set the field, and inadvertantly discard most of the security on the system.

I also recommend locking that program down so that only QSECOFR has *CHANGE (or higher) authority to it. That will prevent a malicious programmer from giving himself *ALLOBJ by changing the program, and signing on as QSECOFR (or anything else).


As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.