I'm using an FTP exit program to limit all FTP access to only known users and IP addresses. I have also assigned them a unique User ID and password.
You have a couple of options. Since you are requiring a unique user ID for this operation, you could exclude this user ID from all of the rest of your system libraries. So the only library this user has authority to is the specific library.
Second, you could do a little more with your exit program. Part of the information you're getting includes the object being FTP'd. You could examine this information in your exit program and not allow the operation to continue if the object is not in the specific library.
MORE INFORMATION ON THIS TOPIC
The Best Web Links: Tips, tutorials and more.
Search400.com's targeted search engine: Get relevant information on security.
Ask your systems management questions--or help out your peers by answering them--in our live discussion forums.
Read this Search400.com Featured Topic: Secure your iSeries
Dig deeper on iSeries system and application security
Related Q&A from Carol Woodbury
Before changing password levels and upgrading operating systems on the AS/400, ensure the clients connecting to the NetServer do not need the old ...continue reading
Look in the audit journal (QAUDJRN) on the AS/400 for an authority failure message with the name of the library as the object name. Use the ...continue reading
When error messages arise concerning attempts to use a permanent system object without authority, find the source of the issue by looking for an AF ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.