Question

Asked: Jul 24 2008 7:03 PM GMT
Asked by: Gambitt7


WRKQRY Security Flaw / Users can Alter/Replace Data in Production Files


AS/400 security, Query, WRKQRY

Can a user change or replace data, members, or the file itself (a production file in a production library) using WRKQRY? I have an auditor who believes that in the "Define the Query" display, 2nd-to-last option ("Select output type and output form"), you can specify 3 in the output type (3 = data file) and then press Enter to bring up the next screen, which allows you to specify the file, library and member and replace, add, etc. to the existing file with the new query output file. If this is the case, this would be a paramount security flaw. Can someone please shed any insight or experience related to this matter? THX

Answer
Yes - they would be limited by their authority to the file.
Lacking MGT/EXIST/ALTER authority to the file, the user can only alter the file with option 5 - add records to the member. And if the user does not have add authority to the file, they cannot do that.

There may be ways to limit use of QUERY.

Phil L


---------------

No. If you try to do this, you will get the message:

"Output file cannot be same as input file."

(if you use option 2, replace file), or

"Output member cannot be same as input member."

(if you use option 4 to replace the member).

I've tried doing this by using Query to copy data from a logical to the physical, and with option 2 it will not let me do it because there are logicals over the physical. Using the same method with option 4 gives me the message that the output format is not the same as the file format. This would appear to be because even though the logical uses the same format name, with all the physical file's fields in the right order, a different level ID is created for the logical than that which was created for the physical.

I have tried, but I can't overwrite the data in the way your auditor describes. I hope this helps.

Regards,

Sloopy



Discuss This Answer

Gilly400  |   Jul 25 2008  9:10AM GMT

Hi,

Unless the output format is the same as the existing file (which is unlikely from a query), then the only thing they can possibly do is replace the file. If this happens then your application programs are likely to start crashing with level checks, so you’ll know straight away that someone’s done this.

If you have your security set up correctly with authorisations to files, etc., then you shouldn't get this happening. If you don't have your security set up right, then your users can probably use all sorts of other ways to modify data they shouldn't be modifying.

You can always set up a test file and user and show this to your auditor - just to prove the point.

Regards,

Martin Gilbert.
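
The following CL program is an added example and is not part of any post in this thread. It builds the "test file and user" Martin suggests above so the authority argument in Phil L's answer can be shown to the auditor on a live system: a stand-in production file that the test user can only read, and two submitted jobs that try to push Query output into it with "replace member" and "add records". The library, file and user profile names (QRYTEST, PRODFILE, SCRATCH, QRYUSER) are assumptions chosen for the demo; run it from a profile that is allowed to create user profiles and submit jobs under them.

```cl
/* Added example, not from the thread above.  Sets up a throwaway     */
/* library, file and user profile so the authority argument can be    */
/* shown to an auditor.  Names QRYTEST, PRODFILE, SCRATCH and QRYUSER */
/* are assumptions for this demo.  Run it from a profile that can     */
/* create user profiles and submit jobs under them (e.g. *SECOFR).    */

PGM

/* 1. Stand-in production library and file.                           */
CRTLIB     LIB(QRYTEST) TEXT('WRKQRY authority demo')
CRTPF      FILE(QRYTEST/PRODFILE) RCDLEN(80) +
             TEXT('Stand-in production file')

/* 2. A source file the test user is allowed to query freely.         */
CRTPF      FILE(QRYTEST/SCRATCH) RCDLEN(80) +
             TEXT('Test user''s own data')

/* 3. An ordinary user with no special authorities and no password.   */
CRTUSRPRF  USRPRF(QRYUSER) PASSWORD(*NONE) USRCLS(*USER) +
             SPCAUT(*NONE) TEXT('WRKQRY test user')

/* 4. Lock the production file down: *PUBLIC gets nothing, QRYUSER    */
/*    gets *USE only.  *USE is *OBJOPR + *READ + *EXECUTE, so none of */
/*    *ADD, *OBJMGT, *OBJEXIST or *OBJALTER that adding records to,   */
/*    or replacing, the file or member would need.                    */
RVKOBJAUT  OBJ(QRYTEST/PRODFILE) OBJTYPE(*FILE) USER(*PUBLIC) AUT(*ALL)
GRTOBJAUT  OBJ(QRYTEST/PRODFILE) OBJTYPE(*FILE) USER(QRYUSER) AUT(*USE)
GRTOBJAUT  OBJ(QRYTEST/SCRATCH)  OBJTYPE(*FILE) USER(QRYUSER) AUT(*ALL)
GRTOBJAUT  OBJ(QRYTEST) OBJTYPE(*LIB) USER(QRYUSER) AUT(*USE)

/* 5. Show the auditor the resulting authority matrix.                */
DSPOBJAUT  OBJ(QRYTEST/PRODFILE) OBJTYPE(*FILE)

/* 6. Attempt the scenario from the question as QRYUSER: query the    */
/*    scratch file and send the output into the production file,      */
/*    first as "replace member" (option 4), then "add records"        */
/*    (option 5).  Both jobs should end with a "not authorized"       */
/*    message in their job logs rather than touching PRODFILE.        */
SBMJOB     CMD(RUNQRY QRY(*NONE) QRYFILE((QRYTEST/SCRATCH)) +
               OUTTYPE(*OUTFILE) OUTFILE(QRYTEST/PRODFILE) +
               OUTMBR(*FIRST *REPLACE)) +
             JOB(QRYREPLACE) USER(QRYUSER)
SBMJOB     CMD(RUNQRY QRY(*NONE) QRYFILE((QRYTEST/SCRATCH)) +
               OUTTYPE(*OUTFILE) OUTFILE(QRYTEST/PRODFILE) +
               OUTMBR(*FIRST *ADD)) +
             JOB(QRYADD) USER(QRYUSER)

/* 7. Record-format level identifier, for the level-check point made  */
/*    above: even an authorised caller cannot add records unless the  */
/*    query's output format carries this same ID.                     */
DSPFD      FILE(QRYTEST/PRODFILE) TYPE(*RCDFMT)

ENDPGM
```

Run it interactively so the DSPOBJAUT and DSPFD panels appear (or add OUTPUT(*PRINT) to both), then check the two submitted jobs with WRKSBMJOB and read their job logs. The input file is deliberately different from the output file, so Query's own "Output file cannot be same as input file" check does not fire and object authority is the only thing standing between the test user and PRODFILE. To see the format and level-ID behaviour the other replies describe, rerun after changing the QRYUSER grant on PRODFILE to AUT(*CHANGE). Clean up with DLTLIB LIB(QRYTEST) and DLTUSRPRF USRPRF(QRYUSER).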