WRKQRY Security Flaw / Users can Alter/ Replace Data in Production Files
Q:
WRKQRY Security Flaw / Users can Alter/ Replace Data in Production Files
Can a user change or replace data, members, or the file itself (a production file in a production lib) using WRKQRY? I have an auditor who believes that in the "Define the Query" display, 2nd to last option ("Select output type and output form"), you can specify 3 in the output type (3 = database file) and then press Enter to bring up the next screen, which allows you to specify file, lib and member and replace, add, etc. to the existing file with the new query output file. If this is the case, this would be a paramount security flaw. Can someone please shed any insight or experience related to this matter? THX
ASKED: Jul 24 2008  7:03 PM GMT
A:
Yes - they would be limited by their authority to the file.

Lacking MGT/EXIST/ALTER authority to the file, the user can only alter the file with option 5 - add records to the member. And if the user does not have add authority to the file, they cannot do that.

There may be ways to limit use of QUERY.

Phil L


---------------

No. If you try to do this, you will get the message:

"Output file cannot be same as input file."

(if you use option 2, replace file), or

"Output member cannot be same as input member."

(if you use option 4 to replace the member).

I've tried doing this by using Query to copy data from a logical to the physical, and with option 2 it will not let me do it because there are logicals over the physical. Using the same method with option 4 gives me the message that the output format is not the same as the file format. This would appear to be because even though the logical uses the same format name, with all the physical file's fields in the right order, a different level ID is created for the logical than that which was created for the physical.

I have tried, but I can't overwrite the data in the way your auditor describes. I hope this helps.

Regards,

Sloopy
Last Answered: Jul 25 2008  2:54 PM GMT by Sloopy   1940 pts.
Latest Contributors: Philpl1jb   24520 pts.
Discuss This Answer:

Gilly400   23625 pts.  |   Jul 25 2008  9:10AM GMT

Hi,

Unless the output format is the same as the existing file (which is unlikely from a query), then the only thing they can possibly do is replace the file. If this happens then your application programs are likely to start crashing with level checks, so you’ll know straight away that someone’s done this.

If you have your security set up correctly with authorisations to files, etc., then you shouldn't get this happening. If you don't have your security set up right, then your users can probably use all sorts of other ways to modify data they shouldn't be modifying.

You can always set up a test file and user and show this to your auditor - just to prove the point.

Regards,

Martin Gilbert.
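As an added illustration of Phil's authority point and Martin's suggestion to prove it to the auditor with a test file and user, here is a CL sketch of that demo (my own addition, not code from anyone in this thread; the library, file, user name and password are placeholders):

```cl
/* Added demo, not from the thread: show an auditor that what a user can do     */
/* with WRKQRY output forms 2/4/5 is decided by object authority on the file.   */
/* QRYTEST, QRYTSTPF, QRYTSTUSR and the password are placeholders.              */

/* 1. A throwaway library and file standing in for the production file.         */
CRTLIB    LIB(QRYTEST) TEXT('WRKQRY authority demo')
CRTPF     FILE(QRYTEST/QRYTSTPF) RCDLEN(80) TEXT('Stand-in for a production file')

/* 2. A test user with no special authorities (in particular no *ALLOBJ).       */
CRTUSRPRF USRPRF(QRYTSTUSR) PASSWORD('CHANGE-ME-1') USRCLS(*USER) +
            SPCAUT(*NONE) TEXT('Test user for WRKQRY demo')

/* 3. Close the file to everyone else, then give the test user read-only access.*/
/*    *USE = *OBJOPR + *READ + *EXECUTE: the user can run WRKQRY over the file   */
/*    but holds no *ADD, *UPD, *DLT, *OBJMGT, *OBJEXIST or *OBJALTER, so the    */
/*    replace-file, replace-member and add-to-member outputs all fail.          */
GRTOBJAUT OBJ(QRYTEST/QRYTSTPF) OBJTYPE(*FILE) USER(*PUBLIC) AUT(*EXCLUDE)
GRTOBJAUT OBJ(QRYTEST/QRYTSTPF) OBJTYPE(*FILE) USER(QRYTSTUSR) AUT(*USE)
/*    The library itself needs *EXECUTE so the user can reach the file at all.  */
GRTOBJAUT OBJ(QRYTEST) OBJTYPE(*LIB) USER(QRYTSTUSR) AUT(*USE)

/* 4. Second round: add only *ADD. Now output form 5 (add records to member)    */
/*    succeeds, which is the one change Phil's answer says is possible without  */
/*    management/existence authority; forms 2 and 4 still fail.                 */
GRTOBJAUT OBJ(QRYTEST/QRYTSTPF) OBJTYPE(*FILE) USER(QRYTSTUSR) +
            AUT(*OBJOPR *READ *ADD *EXECUTE) REPLACE(*YES)

/* 5. Evidence for the audit file: the authority actually in effect.            */
DSPOBJAUT OBJ(QRYTEST/QRYTSTPF) OBJTYPE(*FILE) OUTPUT(*PRINT)

/* 6. Clean up afterwards.                                                      */
DLTUSRPRF USRPRF(QRYTSTUSR) OWNOBJOPT(*DLT)
DLTLIB    LIB(QRYTEST)
```

Sign on as the test user between steps 3 and 4 and walk through the WRKQRY output screens against QRYTEST/QRYTSTPF; the failures and the single success line up with the authorities just granted.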


TomLiotta   7550 pts.  |   Oct 21 2009  12:40AM GMT

If you’ve given authority to change the file data to the user, they can change it with WRKQRY or UPDDTA or ODBC or RPG or COBOL or CL or REXX or remote commands or… well, just about any tool they can get hold of that’s capable of issuing file updates. The security flaw is not in the tools; it’s in the authority that’s been granted to the users.

If you don’t want a user to change file data, revoke the authority to change the data.

Tom
