> -----Ursprüngliche Nachricht-----
> Von: midrange-l-bounces@xxxxxxxxxxxx 
> [mailto:midrange-l-bounces@xxxxxxxxxxxx] Im Auftrag von Ed Fishel
> Gesendet: Freitag, 13. Mai 2005 18:40
> An: Midrange Systems Technical Discussion
> Betreff: Re: outqueue - data authority
> 
> Mihael Knezevic wrote on 05/12/2005 03:24:55 AM:
> 
> > i got a little problem understanding the keyword AUTCHK of 
> an outqueue.
> >
> > my understanding is that if i put *DTAAUT in AUTCHK then 
> the user with
> the
> > *R(ead) data authority can read any spool from any user in that 
> > specific outqueue.
> >
> > i checked the data authority on the outqueue with:
> >
> > DSPAUT OBJ('/QSYS.LIB/QGPL.LIB/TESTOUTQ.OUTQ')
> >
> > and got:
> >
> > <snip>
> > TESTMK      *RX
> > </snip>
> >
> > so the user TESTMK has the data authority read and execute. 
> should be
> enough
> > for reading a spool file, or not?
> >
> > but the user can't read a spool file that is not his own in that 
> > outqueue. can anybody explain this to me?
> 
> >From Appendix D of the Security Reference manual, my 
> understanding is 
> >that
> when DSPDTA is *NO and AUTCHK is *DTAAUT then a user without 
> *SPLCTL special authority will need *READ, plus *ADD plus 
> *DLT authority to the output queue to display some other 
> users spooled files.  
hmm. i thought *SPLCTL will give u full control over the outqueue.
in conjuction with AUTCHK *SPLCTL was never mentioned. can u point me to a link 
to a document which refers to this?


> There are other ways they can be 
> authorized to display the spooled files such as when OPRCTL 
> is *YES and they have *JOBCTL special authority, or when 
> DSPDTA is *YES and they have *READ authority to the output 
> queue, or when AUTCHK is *OWNER and they are the owner of the 
> output queue.
> 
> Ed Fishel,
> edfishel@xxxxxxxxxx
> 
> 
> --
> This is the Midrange Systems Technical Discussion 
> (MIDRANGE-L) mailing list To post a message email: 
> MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change 
> list options,
> visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, 
> please take a moment to review the archives at 
> http://archive.midrange.com/midrange-l.
> 
> 


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.