I am a technology auditor with some exposure to OS/400. My environment has a "development" 400 and a "production" 400. Access to the development box is fairly open. If someone has *SAVSYS Special Authority to the production box, can they write a new program on the development computer (with the same name as a program on the production computer) and overwrite the program on production with unauthorized code by "restoring" it?
If the user doesn't have ownership, or object existence authority, they cannot restore over the object, if it already exists. Make sure they don't own or have authority to the object through a group profile.
MORE INFORMATION ON THIS TOPIC
The Best Web Links: tips, tutorials and more.
Ask your OS/400 questions--or help out your peers by answering them--in our live OS/400 discussion forums.
Check out this search400 Featured Topic on iSeries Networking.
Dig Deeper on Upgrading
Related Q&A from John Brandt
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.