5 pts.
 iSeries Object Authority vs. Menu Security
Hello, I am new to iSeries and OS/400. Here is my question: Let's say in a level 30 security environment, user access is controlled through a menu, which does not alow them to access any sensitive objects. But a number of sensitive objects have been assigned *ALL authority for *PUBLIC. Can these users somehow still have access to those sensitive objects because of the *ALL for *PUBLIC authority assigned to them, or would that be impossible due to their menu access?

Software/Hardware used:
ASKED: May 8, 2008  6:25 PM
UPDATED: November 4, 2009  4:42 PM

Answer Wiki:
Hi, That would depend on your menus and whether the user has access to a command line or not. If your menus don't use the objects and your users don't have access to a command line then your users cannot get access to them. Regards, Martin Gilbert.
Last Wiki Answer Submitted:  May 9, 2008  8:44 am  by  Gilly400   23,625 pts.
All Answer Wiki Contributors:  Gilly400   23,625 pts.
To see all answers submitted to the Answer Wiki: View Answer History.


Discuss This Question:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _


 

If you are running TCP/IP, you also need to think about iSeries Access data transfer, ODBC and FTP.

 10 pts.

 

…and Remote Command/Distributed Program Call, and REXEC, and JDBC(OleDB/.Net/?), and ssh, and…?

Tom

 110,115 pts.

 

We use both. There is always some one in every organization that knows just enough about SQL or AS/400 Query to be dangerous.

 5,830 pts.