RPG newbie needs to enable users
I am looking for a simple RPG program to enable users without the use of QSECOFR. I'm very new to RPG.
I encourage you to become familiar with the concept of "Adopted authority". It is an attribute of a program and allows you to temporarily give users authority but not have to give it permanently. You can write a program that enables a user profile, have the compiled program be owned by QSECOFR, have someone with enough authority run the CHGPGM command and set the User profile parameter to be *OWNER. Then, when the program is running, OS/400 will first check to see if the user running has sufficient authority, if they don't, the program's owner is checked. Since QSECOFR can do anything, the program will run. You will obviously need to protect access to the program, so not just anyone can run it. For more information on adopted authority, see the iSeries Security Reference manual, available from the IBM Information Center
or my book Experts' Guide to OS/400 and i5/OS Security available from Amazon.
MORE INFORMATION ON THIS TOPIC
The Best Web Links: tips, tutorials and more.
Search400's targeted search engine: Get relevant information on security.
Ask your systems management questions--or help out your peers by answering them--in our live discussion forums.
Check out this Search400.com Featured Topic: Top ten security tips
Visit the ITKnowledge Exchange and get answers to your security questions fast.
This was first published in April 2005