|
midrange.com
I think I have a workaround.
GRTOBJAUT OBJ(EDIONR) OBJTYPE(*USRPRF) USER(thisuser) AUT(*OBJOPR *ADD)
Therefore it looks like:
Display Object Authority
Object . . . . . . . : EDIONR Owner . . . . . . . : QSECOFR
Library . . . . . : QSYS Primary group . . . : *NONE
Object type . . . . : *USRPRF ASP device . . . . . : *SYSBAS
Object ----------Object-----------
User Group Authority Opr Mgt Exist Alter Ref
QSECOFR *ALL X X X X X
EDIJOB USER DEF X X
EDIONR USER DEF X X
thisuser USER DEF X
*PUBLIC *EXCLUDE
Object ---------------Data---------------
User Group Authority Read Add Update Delete Execute
QSECOFR *ALL X X X X X
EDIJOB USER DEF X X X X
EDIONR USER DEF X X X X X
thisuser USER DEF X
*PUBLIC *EXCLUDE
They then can restore objects that are owned by EDIONR.
This definetly overrides the CPF3757.
Any potential security breaches with this solution?
Rob Berendt
--
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
Benjamin Franklin
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
