I am trying to determine if there are any specific exit programs I can use to limit user abilities within the interactive...
SQL on the iSeries. I need to limit some users from being able to insert/update/delete database files while not shutting them out of SQL altogether. I was hoping there was a single exit point I could use. Unfortunately, there is no one exit point that will allow you to manage SQL requests. In addition, these exit programs are not trivial and can change from release to release. To determine what file is being accessed you must parse the incoming request statement. If you cannot manage user access via object authority to the files you want to protect, then I suggest you look into one an exit program software package available from many security software vendors. However, I encourage you to investigate placing object authorities on the files you wish to protect because those authorities will be there no matter what interface the file is being accessed through -- sockets, Web applications such as WebSphere, and command line access, etc in addition to all of the network interfaces such as FTP and ODBC.
MORE INFORMATION ON THIS TOPIC
The Best Web Links: tips, tutorials and more.
Search400's targeted search engine: Get relevant information on security.
Ask your systems management questions--or help out your peers by answering them--in our live discussion forums.
Check out this Search400.com Featured Topic: Top ten security tips
Dig Deeper on iSeries system and application security
Related Q&A from Carol Woodbury
Before changing password levels and upgrading operating systems on the AS/400, ensure the clients connecting to the NetServer do not need the old ... Continue Reading
Look in the audit journal (QAUDJRN) on the AS/400 for an authority failure message with the name of the library as the object name. Use the ... Continue Reading
When error messages arise concerning attempts to use a permanent system object without authority, find the source of the issue by looking for an AF ... Continue Reading