Is there something on the CRTLFM command that will remedy this, or does the fact that the logical is just a view require that users have access to both?
I don't believe that the issue is that you're trying to use two different authorization lists. I believe the issue is insufficient authority to the underlying physical file. To access a file via a logical file the user must have the same data authority on the logical file as they do to the physical file. What some people do is grant a specific group profile or perhaps *PUBLIC authority all data rights to the physical file, then grant the corresponding data rights to the logical file. Do NOT give *OBJOPR authority to the physical file as that will let the user access the physical file directly.
================================== MORE INFORMATION ON THIS TOPIC ==================================
The Best Web Links: tips, tutorials and more.
Search400's targeted search engine: Get relevant information on security.
Ask your systems management questions--or help out your peers by answering them--in our live discussion forums.
Check out this Search400.com Featured Topic: Top ten security tips
This was first published in October 2004