u can use prtusrprf
Slack400’s two cents:
If your intent is to keep your system locked down tight you’ll want to set the system value: QCRTAUT to *Exclude. This will ensure new objects created on the server will not be available to users unless specified.
As for your existing data & programs if the system wasn’t locked down before you’ll need to audit your system and lock down any critical items. I would write a quick CL program to utilize the DSPOBJD command to generate an object listing by type and then use the output to run the GRTOBJAUT command to then change the *PUBLIC authority to *EXCLUDE. Then go library by library until your data files and source code files are all locked down.
Of course you’ll want to clearly define your goals ahead of time and test, test, test.
For general system security I’d recommend contacting PowerTech or BSafe and get a free system security audit review. It’s amazingly fast and helpful.
Discuss This Question: 3  Replies