Recently it was pointed out to me that the IFS uses the same disk as the rest of the iSeries 400. Previously, I thought it was restricted to some area. Now I am concerned that a PC application might be able to load up the disk through the IFS. Is this a problem?
The IFS needs as much attention as the "traditional" library structure in OS/400. The IFS "starts" with a directory called "root" - denoted by "" When you display authorities in the IFS, you can use the WRKAUT (Wok with Authorities) command. You will need to pay attention to two sets of authorities - Data Authorities and Object Authorities. Both sets of authorities are shipped, by default, with *PUBLIC having all of the authorities. This is important because, in most cases, when a directory or folder is created, it inherits the authorities of the directory it's created into. This is like creating a library with *PUBLIC(*ALL) and then having all of the objects created into the libraries also created as *PUBLIC(*ALL).
MORE INFORMATION ON THIS TOPIC
The Best Web Links: tips, tutorials and more.
Search400's targeted search engine: Get relevant information on security.
Ask your systems management questions--or help out your peers by answering them--in our live discussion forums.
Dig Deeper on iSeries system and application security
Related Q&A from Carol Woodbury
Before changing password levels and upgrading operating systems on the AS/400, ensure the clients connecting to the NetServer do not need the old ... Continue Reading
Look in the audit journal (QAUDJRN) on the AS/400 for an authority failure message with the name of the library as the object name. Use the ... Continue Reading
The UPPWEI field corresponds to the password expiration interval field, and its values "0" and "-1" represent the *SYSVAL and *NOXMAX commands. Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.