
	Home > Ask the AS/400 Experts > iSeries Security Questions & Answers > Developer User ID access settings

Ask The iSeries 400 Expert: Questions & Answers

EMAIL THIS

Developer User ID access settings

EXPERT RESPONSE FROM: Ken Graap

		Pose a Question

		Other iSeries 400 Categories

		Meet all iSeries 400 Experts
		Become an Expert for this site

iSeries news and advice

Digg This! StumbleUpon Del.icio.us

QUESTION POSED ON: 01 December 2008
I have a situation where the developers of an application have command line access i.e. Limited capabilities = NO. However the production programs and data have been secured via an authorization list and the developers have use access to the production programs and data libraries. Is there a clever way of circumventing object authority if you have command-line access?

I am of the opinion that a developer's User ID should never be authorized to access production applications or data… If a developer requires access to a production application, create another User ID for them, just like any other production user.

Allowing a developer to have command line access to production applications and data just makes your job as a Security Administrator that much harder. Now you do have to worry about what a developer can do that they shouldn't be doing.

If you give developers command line access to production applications, you are providing a way for an untrustworthy developer to play around with your production security configuration and if they are lucky or devious enough they just may figure out a way to hack it. Play it safe… exclude developer User ID's from production access.

Digg This!

StumbleUpon

Del.icio.us

RELATED CONTENT

	iSeries Security
	Changing password security levels and upgrading operating systems on the IBM i
	Determine the value of parameter UPPWEI in the DSPUSRPRF field
	Define journal code value "K"
	Modify content within a journal receiver file
	Change password parameters on the AS/400 without deactivating user's passwords
	Prevent insiders with READ or USE access from circumventing object authority on IBM i
	Prevent insiders from obtaining user ids and passwords on the IBM i
	Change the IBM i system to allow only certain types of SSL protocol versions
	Authorize a specific user to select files in a separate library
	Allow a user to view a library prod without granting full access to all data

iSeries system and application security

Developing a security incident response system for System i

Setting up security for programmers on IBM i

Blocking AS/400 DB2 users

Trouble accessing IFS path from Win2k3 server

Checking in on your IBM i authorization lists

Strategies for securing IBM i production files

Changing password security levels and upgrading operating systems on the IBM i

Determine the value of parameter UPPWEI in the DSPUSRPRF field

Define journal code value "K"

Modify content within a journal receiver file

RELATED GLOSSARY TERMS

Terms from Whatis.com − the technology online dictionary

midrange (Search400.com)

RELATED RESOURCES

2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems

Search Bitpipe.com for the latest white papers and business webcasts

Whatis.com, the online computer dictionary

Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.

Browse our Expert Advice
Operating Systems IT Management Networking Database	Security Servers and Storage Applications and Development Career Center

iSeries Networking - Printing, Remote Access, TCP/IP

SEARCH

TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.


TechTarget Corporate Web Site \| Media Kits \| Site Map All Rights Reserved, Copyright 1999 - 2009, TechTarget \| Read our Privacy Policy