
	Home > Ask the AS/400 Experts > iSeries Security Questions & Answers > Run a stored procedure in AS/400 with limited profile access

Ask The iSeries 400 Expert: Questions & Answers

EMAIL THIS

Run a stored procedure in AS/400 with limited profile access

EXPERT RESPONSE FROM: Carol Woodbury

		Pose a Question

		Other iSeries 400 Categories

		Meet all iSeries 400 Experts
		Become an Expert for this site

Digg This!

StumbleUpon

Del.icio.us

QUESTION POSED ON: 30 March 2008
An open systems function is making a call to AS/400 to run a stored procedure. Our security group needs to ensure that the profile used to make that call cannot do anything else (i.e. cannot call a different procedure or call an RPG-based program). How can I ensure that the process is given explicit access to call only that one function and nothing else? Do I grant authority to just that one stored procedure object?

EXPERT RESPONSE
If you are using one of the exit-point vendors' solutions, you could allow this specific stored procedure to be run and deny access to all other network interface calls (such as FTP or DDM calls. You would then need to make sure that the profile could not be used for interactive sign on. To do this, you'd need to make sure the initial program was *NONE and the initial menu was *SIGNOFF. However this configuration is not perfect or foolproof. I5/OS has not provided exit points for all entrances to the system, so the profile could still be used for Web applications and socket programs, if not more. Also, the profile could still be used to submit and run batch or scheduled jobs.

Digg This!

StumbleUpon

Del.icio.us

RELATED CONTENT

	iSeries Security
	Primary group authority: How it works
	Blocking access to SQL line commands
	Moving files to new libraries allows access to only groups or users that are authorized
	Changing telnet ports: A security solution?
	Moving to security level 30
	Menu security's relationship to object authority
	Encrypting files or fields on the iSeries
	Changing the QSECOFR password
	Overriding the timeout interval on specific terminals
	Deleting iSeries audit logs

RELATED RESOURCES

2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems

Search Bitpipe.com for the latest white papers and business webcasts

Whatis.com, the online computer dictionary

Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.

Browse our Expert Advice
Operating Systems IT Management Networking Database	Security Servers and Storage Applications and Development Career Center

iSeries Networking - Printing, Remote Access, TCP/IP

SEARCH

TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.


TechTarget Corporate Web Site \| Media Kits \| Reprints \| Site Map All Rights Reserved, Copyright 1999 - 2008, TechTarget \| Read our Privacy Policy