Dick wrote in with this question recently:
I recently awarded a contract to a consulting firm to create a small HR system on my iSeries. A library was created to contain all the objects they needed to create the system and then deliver it. They connected to the iSeries from their office over the Internet using a VPN tunnel to a Windows server that was on the same network and from which they were able to log on to the iSeries.
While development was taking place I was absent from the office for some time. During that time they needed other objects not in the library that was created for them. I was surprised to learn that they were able to access other libraries that had PUBLIC *EXCLUDE security settings even though their user profile was User Class *PGMR and no special authorities. How is this possible?
-- Deb Tart, associate editor