|
Charles, Rather than risk hosing something else on your box by trying to create a "replacement *PUBLIC profile" or even just trying to hit every object on your box, it seems to me it would be a lot easier to use an exit program for the ODBC/JDBC remote transactions. There are several exit program security products out there, but only one that I know of can afford 'pinpoint' accuracy with regard to controlling access via the exit point without having to modify any existing OS/400 object authorities or user profile groupings. Contact me offline if you would like more details. Steven W. Martinson, CISSP, CISM iSeries Security Consultant | NetIQ Corporation Cell 281.546.9836 | www.netiq.com 1233 West Loop South | Suite 1800 | Houston, TX 77027 > message: 1 > date: Fri, 22 Apr 2005 14:01:25 -0400 > from: "Wilt, Charles" <CWilt@xxxxxxxxxxxx> > subject: [Security400] Prevent User Profile from using public authority > Is there any way to prevent a user profile from using *PUBLIC authority? > Here's the scenario, I've got a user profile set up for JDBC use from a external web server. All I want this profile do > be able to do is call stored procedures it is specifically authorized to.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
