|
Hi George
Its been a while, but here gores
The owner of the program needs to be different than the user wanting to run
the program
Then EDTOBJAUT on the library for the OWNER of the program to have *USE,
and the users user profile to be *EXCLUDE
Then change the CL program to run under owner adopted authority
This is where you will have to forgive me as its been too long since I was
involved in this , but this is definitely the direction you need to go in
When I used to do this, (for a bank) one of the things that the auditors
forbid me to do was use any of the IBM supplied profile (QPGMR etc) to be
the owner of any programs
Alan Shore
Programmer/Analyst, Direct Response
E:AShore@xxxxxxxx
P:(631) 200-5019
C:(631) 880-8640
"If you're going through Hell, keep going" - Winston Churchill
George Lopez <georgerl@worldpa c.com> To Sent by: rpg400-l@xxxxxxxxxxxx rpg400-l-bounces@ cc midrange.com Subject Edit Object Authority for Library, 04/27/2010 01:57 Program, File and User PM Security..... Please respond to RPG programming on the IBM i / System i <rpg400-l@midrang e.com>
I want a particular user to use the file in a program(CL/RPG) but not be
able to view all the files in a library outside of a program. I did the
below but it does not work.
1). I did EDTOBJAUT for a library and for a user to *EXCLUDE so this
user can not view these files. But I want the programs(CL/RPG) the user
uses to be able to read/write/update the file.
2). I changed the user's initial sign on CL to USRPRF(*OWNER). But when
this user signs on the user gets the below error for *EXCLUDE....
Not authorized to library xxxx01
Not authorized to library xxxx02
3). If I use object authority to *USE then this user can view the
file(s) in these libraries using iSeries Data transfer, FTP or some
other utility which I do not want to happened.
--
This is the RPG programming on the IBM i / System i (RPG400-L) mailing list
To post a message email: RPG400-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/rpg400-l
or email: RPG400-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/rpg400-l.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.