In order for end users to traverse the root directory and operate in a
sub directory, they will need at least "x" authority to the root.
*PUBLIC *EXCLUDE would prevent any user who does not have explicit
execute authority to the root from accessing there shares.

That's not to say that you should give *PUBLIC execute only rights
though, because last I heard Client Access stored some objects in the
root directory that your users need to read in order to run CA (that may
be different now, I haven't looked at this recently.  :(

Test thoroughly.


John Earl | Chief Technology Officer
The PowerTech Group
19426 68th Ave. S
Seattle, WA 98032
(253) 872-7788 ext. 302

This email message and any attachments are intended only for the use of
the intended recipients and may contain information that is privileged
and confidential. If you are not the intended recipient, any
dissemination, distribution, or copying is strictly prohibited. If you
received this email message in error, please immediately notify the
sender by replying to this email message, or by telephone, and delete
the message from your email system.

> -----Original Message-----
> From: security400-bounces@xxxxxxxxxxxx
> [mailto:security400-bounces@xxxxxxxxxxxx] On Behalf Of
> Wills, Mike N. (TC)
> Sent: Friday, February 06, 2004 9:41 AM
> To: Midrange - Security (security400@xxxxxxxxxxxx)
> Subject: [Security400] Root IFS removing *public
> What will happen to all our shares and such if I change
> root to be *public
> to *exclude?  I don't want to change it then break
> everything on the system.
> A couple of our applications already use the IFS. Does it
> just change the
> root authority and doesn't change access for anything
> else? Obviously I will
> try this on a off time when I won't interrupt anyone.
> Mike Wills
> Lawson Programmer/Administrator
> Taylor Development
> Email: mnwills@xxxxxxxxxxxxxx
> Direct Line: (507) 386-3187
> The information contained in this electronic mail
> transmission may contain
> privileged communications and/or confidential information
> intended only for
> the use of the named recipient(s).  If the reader of this
> information is not
> the named recipient(s) or you receive this transmission in
> error, please:
> (1) immediately notify us by return electronic
> transmission at
> mnwills@xxxxxxxxxxxxxx; and (2) permanently delete this
> message from your
> computer and all servers and other stored devices.
> _______________________________________________
> This is the Security Administration on the AS400 / iSeries
> (Security400) mailing list
> To post a message email: Security400@xxxxxxxxxxxx
> To subscribe, unsubscribe, or change list options,
> visit:
> or email: Security400-request@xxxxxxxxxxxx
> Before posting, please take a moment to review the
> archives
> at

As an Amazon Associate we earn from qualifying purchases.

This thread ...


Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2022 by and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.