× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. SECURITY400
  3. September 2001

RE: DSPJOBLOG needs *JOBCTL authority?

Dan

I'd support what both Bryan and Anton have said so far- it is exactly the
approach I took when faced with the same dilemma for a group of hostile
third party developers.

Of course, they then complained that they wanted to do this from
WRKACTJOB  - and I wasn't going to re-write that sucker :)

The fact that I heard nothing more about it suggests that event though it
was a minor inconenience it worked.

Cheers
Evan Harris


>Dan we overcame this for our programming staff by writing our own "DSPJOB"
>command.  All you nned to do is to have a cl program that accepts the fully
>qualified job name and executes the DSPJOB JOB(123456/user/job) OPTION
>(*JOBLOG) command.  The CL program needs to adopt the autority needed.
>
>
>-------------------------
>  Bryan Dietz
>3X Corporation
>
>
>
>
>
>
>                     "Bale, Dan"
>                     <D.Bale@handleman.co       To:
> <security400@midrange.com>
>                     m>                         cc:
>                     Sent by:                   Subject:     RE:
> [Security400] DSPJOBLOG needs *JOBCTL authority?
>                     security400-admin@mi
>                     drange.com
>
>
>                     09/26/2001 11:42 AM
>                     Please respond to
>                     security400
>
>
>
>
>
>
>This is a multi-part message in MIME format.
>--
>[ Picked text/plain from multipart/alternative ]
>"fundle"?  Uh, Anton, your translator garbled something there. <g>  You
>know what, though, I think I like that word.  "Don't fundle around with
>that!"
>
>Anyway, I concur with what you said about "fiddling" with IBM objects.
>Normally I would simply take the approach you suggested, creating a
>separate program with parms to call the DSPJOBLOG command with *OWNER
>adopted authority yada yada.  The problem with that scenario is that the
>user was attempting to view the job log of an active job using option 10
>from the "Work with Job" menu.  AFAIK, my only hope is to create my own
>DSPJOBLOG command that appears higher in the library list than the one
>in QSYS.  This command's CPP would do the things you suggested and I
>presume this would work as a solution.  This assumes that option 10 does
>not qualify the DSPJOBLOG command (and how would one determine that?)
>
>But what a mess!  Now I have to create a new library that has to be put
>above QSYS in the system library list by changing the QSYSLIBL system
>value.  Our QA & Security Audit teams will have a fun time with that.
>
>Dan Bale
>IT - AS/400
>Handleman Company
>248-362-4400  Ext. 4952
>D.Bale@Handleman.com
>
> > -----Original Message-----
> > From:         Anton Gombkötö [SMTP:gombkoetoe@assoft.com]
> > Sent:         Wednesday, September 26, 2001 11:20 AM
> > To:           security400@midrange.com
> > Subject:           Re: [Security400] DSPJOBLOG needs *JOBCTL authority?
> >
> > Dan,
> >
> > I wouldn't fundle around with IBM's commands or command processing
> > programs.
> > PTF's could remove your changes easily to mention just one reason.
> >
> > I'd create a little program with the DSPJOBLOG with the desired parms
> > in it
> > and change this program to use *OWNER rights. And make a powerful
> > enough
> > user the owner of it. If you want, you can then set the access rights
> > to
> > this program to allow only your "system operator-type users" to use
> > it.
> >
> >
> >
> > Mit freundlichen Grüssen / best regards
> >
> > Anton Gombkötö
> >
> > Avenum Technologie GmbH
> > Wien - Mattsee - Stuttgart
> > e-mail Office   :       mailto:Anton.Gombkoetoe@avenum.com
> > Homepage        :       http://www.avenum.com
> >
>_______________________________________________
>This is the Security Administration on the AS400 / iSeries (Security400)
>mailing list
>To post a message email: Security400@midrange.com
>To subscribe, unsubscribe, or change list options,
>visit: http://lists.midrange.com/cgi-bin/listinfo/security400
>or email: Security400-request@midrange.com
>Before posting, please take a moment to review the archives
>at http://archive.midrange.com/security400.
>
>
>
>
>
>_______________________________________________
>This is the Security Administration on the AS400 / iSeries (Security400)
>mailing list
>To post a message email: Security400@midrange.com
>To subscribe, unsubscribe, or change list options,
>visit: http://lists.midrange.com/cgi-bin/listinfo/security400
>or email: Security400-request@midrange.com
>Before posting, please take a moment to review the archives
>at http://archive.midrange.com/security400.

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.