rob@xxxxxxxxx wrote: >Anyone see a security issue with CHGJOBD JOBD(QSYS/QSTRUPJD) >USER(GODLIKE)? > >What problem am I trying to solve? >http://archive.midrange.com/midrange-l/200501/msg00665.html Rob: I'd say the simple answer is "Yes." And the simple explanation is that it isn't necessary so why dole out more authority than needed? A second program can adopt needed authority and your startup profile can be granted authority to call it. Put all writer handling in the new program. Insert the CALL into your QSTRUP program. In fact, you might want to structure your entire QSTRUP program this way. There's no requirement that your startup profile must have any significant authority other than to be able to run QSTRUP; additional authorities can be obtained in a clearly precise manner by grouping like functions in discrete programs. Grant authority to run the programs rather than granting authority to perform categories of actions. Plain, old QPGMR can be used and it doesn't need much authority at all. Nor should it have significant authority. Tom Liotta -- Tom Liotta The PowerTech Group, Inc. 19426 68th Avenue South Kent, WA 98032 Phone 253-872-7788 x313 Fax 253-872-7904 http://www.powertech.com __________________________________________________________________ Switch to Netscape Internet Service. As low as $9.95 a month -- Sign up today at http://isp.netscape.com/register Netscape. Just the Net You Need. New! Netscape Toolbar for Internet Explorer Search from anywhere on the Web and block those annoying pop-ups. Download now at http://channels.netscape.com/ns/search/install.jsp
As an Amazon Associate we earn from qualifying purchases.
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.