×

Good News Everybody!

The new search engine is LIVE!

Please report any problems to david (at) midrange.com.



  1.  Home
  2. SECURITY400
  3. September 2003

RE: Fw: Going to level 30 Security

Isn't the only difference between 20 and 30 object level security? 
Wouldn't level 30 with everyone having *ALLOBJ be the same as level 20?
If true, you'd be looking for something to tell you that a user wouldn't
have had access to an object it he hadn't had access to the object -- kind
of useless info, no?

It would seem to me that the test was simple. Update to level 30, grant
everyone *ALLOBJ and then setup permissions the way you want them. Then,
take a user or three and remove the *ALLOBJ permission and see what happens.

-Walden



------------
Walden H Leverich III
President
Tech Software
(516) 627-3800 x11
(208) 692-3308 eFax
WaldenL@xxxxxxxxxxxxxxx
http://www.TechSoftInc.com 

Quiquid latine dictum sit altum viditur.
(Whatever is said in Latin seems profound.)
 

-----Original Message-----
From: kirkg@xxxxxxxxxxxxx [mailto:kirkg@xxxxxxxxxxxxx] 
Sent: Thursday, September 04, 2003 4:46 PM
To: security400@xxxxxxxxxxxx
Subject: [Security400] Fw: Going to level 30 Security


It been a long since I've needed to do this...

I thought I remembered there was a way to use the audit journals to test 
what will happen when you move from security level 20 to 30 or higher. 
I've been able to find a tip that says basically going 20 to 30 is by 
setting up test profiles. I've also found a tip of going from 30 to 40 
that does use the audit journal using the *PGMFAIL option.

Is there a better way to get from 20  to 30 other than by trial and error?

_____________________
Kirk Goins CCNA
Systems Engineer, Manage Inc.
IBM Certified iSeries Solutions Expert
IBM Certified iSeries e-Business Infrastructure
IBM Certified Designing IBM e-business Solutions 
Office 503-353-1721 x106 Cell 503-577-9519
kirkg@xxxxxxxxxxxxx      www.manageinc.com
_______________________________________________
This is the Security Administration on the AS400 / iSeries (Security400)
mailing list
To post a message email: Security400@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/security400
or email: Security400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/security400.

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2026 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.