Manage Learn to apply best practices and optimize your operations.

Is it a flat file or a database file?

If a legacy application is using RPG II to write data files to an iSeries 400 machine, are the files flat files instead of database files? If so, and the system has a security level of 20, how secure are these files? This environment is running OS/400 version 3 and an old application on top of it.

The files are, more than likely, not secure at all. The problem with security level 20 is that, by default, all users are created with *ALLOBJ special authority. This means that, by default, anyone can literally do anything to all objects - files, libraries, etc on the system. For example, files can be deleted or updated, programs can be replaced or production data copied to a PC and sold to a competitor. Needless to say, this is a dangerous situation. You can remove *ALLOBJ from user profiles at security level 20. If you do that for all profiles, you are essentially running with the same protection as security level 30. But before you can remove the *ALLOBJ, you have to have a scheme for users to get the authority they need to the data so they can still do their jobs.


The Best Web Links: tips, tutorials and more.

Search400's targeted search engine: Get relevant information on security.

Ask your systems management questions--or help out your peers by answering them--in our live discussion forums.

Dig Deeper on iSeries system and application security

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.