If memory serves me correctly, didn't the SYS38 default objects to public exclude (or maybe it was just use)? I seem to remember always having trouble with object authority when ever we changed employees. As the new operator would run jobs during the first week or so, we would have to keep granting object authority to files as programs blew up. This was of course before we learned about the group profiles which eliminated that need once implemented. We granted proper authority to the group profiles and then just started adding profiles to the group when new person came. Joe Giusto II Programmer/Analyst Ritz Camera Beltsville, MD 301-419-3209 x347 410-813-2812 x347 -----Original Message----- From: firstname.lastname@example.org [mailto:email@example.com] On Behalf Of John Earl Sent: Wednesday, August 22, 2001 8:04 PM To: firstname.lastname@example.org Subject: Re: [Security400] Authority annoyances, continued... <snip> Now, we sell exit programs, and make our living (in part) off of this "hole" that was opened up - but I must insist - please, don't blame IBM. They didn't do it. The hole was created by us (you and I ) and all the other developers and (especially) application vendors that built our systems to rely on "menu security". IBM told us not to do it. IBM gave us object level security. We just chose not to use. I agree that the /400 world is in a very messy place with respect to security, I just don't think you can saddle IBM with the blame. <snip> jte -- John Earl - VP & CTO The Powertech Group 253-872-7788 email@example.com www.powertechgroup.com
As an Amazon Associate we earn from qualifying purchases.
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.