SOURCE FILE MEMBER INTEGRITY

**B.Kline** · 09-20-2001 08:07 AM

BORIS KUSHNIR wrote: > > RUNSQLSTM IS VERY VULNERABLE REGARDING INTEGRITY OF SOURCE MEMBER > CONTAINING SQL STATEMENT. > HOW TO PROTECT MEMBER FROM MODIFICATIONS OF ITS DATA? Boris: Use the EDTOBJAUT command on the source physical file to set the public authorities to *USE. Barry

Guest.Visitor · 09-20-2001 09:06 AM

BARRY,THANKS ,BUT: 1.IN OUR SHOP A LOT OF PEOPLE HAVE *ALLOBJ AUTHORITY 2.IF I FOLLOW YOUR ADVICE I'LL ACTUALLY CHANGE AUTHORITY FOR FILE NOT A MEMBER 3.I UNDERSTAND THAT THERE IS NO AUTHORITY ON A MEMBER LEVEL, BUT IT SHOULD BE SOME WAY AROUND .

**B.Kline** · 09-20-2001 09:36 AM

BORIS KUSHNIR wrote: > > BARRY,THANKS ,BUT: > 1.IN OUR SHOP A LOT OF PEOPLE HAVE *ALLOBJ AUTHORITY > 2.IF I FOLLOW YOUR ADVICE I'LL ACTUALLY CHANGE AUTHORITY FOR FILE NOT > A MEMBER > 3.I UNDERSTAND THAT THERE IS NO AUTHORITY ON A MEMBER LEVEL, BUT > IT SHOULD BE SOME WAY AROUND . Hi Boris... If you have that many people with *ALLOBJ authority then you have a MAJOR problem. There's nothing you can do to protect a member from a user that has *ALLOBJ authority, apart from keeping good backups. What I do for RUNSQLSTM members in my shop is create a separate source physical file to contain them. That way I can assign to the file *USE authority for the public so that they can use them but without fear that they'll get munged in any way. But again that won't help in a shop where *ALLOBJ authority is prevalent. Barry

Guest.Visitor · 09-20-2001 10:50 AM

RUNSQLSTM IS VERY VULNERABLE REGARDING INTEGRITY OF SOURCE MEMBER CONTAINING SQL STATEMENT. HOW TO PROTECT MEMBER FROM MODIFICATIONS OF ITS DATA?

Guest.Visitor · 09-20-2001 10:50 AM

THANK YOU BARRY. IT'S VERY SAD.

Thread: SOURCE FILE MEMBER INTEGRITY

Thread Tools