× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. SECURITY400
  3. August 2008

Re: Library Authority

Or you can use real Relational Database Management system commands and issue
GRANT or REVOKE commands.

Dave

Mike <koldark@xxxxxxxxx> 8/14/2008 07:55 >>>
On Thu, Aug 14, 2008 at 9:16 AM, Jim Franz <franz400@xxxxxxxxxxxx> wrote:

But what if we want to give them *ALL on an object within that library,
would they be able to delete that work file?
yes - *USE on lib will allow delete of object in lib if user has delete
auth
to object.


Thanks, I wasn't sure on this one.


Also, if we have *EXCLUDE on a library. Then we have a logical in another
library pointing to a file within the secured library. Would that work?
The
file in the locked library would have READ access only.
yes - (i've not tested this), note: data authorities on LF cannot be more
than on PF.
(this one i was not positive till checking Woodbury/Botz's Experts Guide
book p164)


I did just try this one and it works. I give the READ data authority only
on the PF in one library with *EXCLUDE on the library, then give them *USE
access on the logical on a seperate library. Now we can control what live
data they can access and what data within the file they can access.

I'll have to look into that book more.
_______________________________________________
This is the Security Administration on the AS400 / iSeries (Security400) mailing list
To post a message email: Security400@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/security400
or email: Security400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/security400.


As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.