Let's say in a security level 30 environment, a sensitive object has been assigned the *ALL authority for *PUBLIC. If a group of users has been assigned a menu that does not get them to any security functions, would they still be able to access that sensitive object because of the *ALL authority to PUBLIC, or would that be impossible due to their menu options?
Dig Deeper on iSeries system and application security
Related Q&A from Carol Woodbury
Before changing password levels and upgrading operating systems on the AS/400, ensure the clients connecting to the NetServer do not need the old ... Continue Reading
Look in the audit journal (QAUDJRN) on the AS/400 for an authority failure message with the name of the library as the object name. Use the ... Continue Reading
When error messages arise concerning attempts to use a permanent system object without authority, find the source of the issue by looking for an AF ... Continue Reading