Greg Wenzloff wrote on 05/13/2005 12:37:24 PM:

> Anyway in reading his article he mentions the command CHGSYSSEC but warns
to
> retrieve the CL source and study it before using the command.  I was
curious
> and retrieved the source code.  WOW! Seems like a land mine waiting to go
> off.
>
> This command changes about 20-30 system values and 5 user profiles.
Things
> like QSECURITY = 50; QSYSOPR password = *NONE. It also runs several
programs
> with no clue what they do. It looks to me like something a person would
be
> tempted to run if they just got fired and were asked to leave.
>
> Why would IBM ship something so dangerous?

The command discussed in the article is the CFGSYSSEC command. This command
requires the user to have *ALLOBJ, *SECADM, and *AUDIT special authorities.
If you have a CHGSYSSEC command on your system it probably did not come
from IBM. The CFGSYSSEC command was created before the Security Wizard and
was intended for an administrator to configure the security of  their
system. Any programs that are called by the CPP for this command are APIs
so you should be able to find documentation for them.

Ed Fishel,
edfishel@xxxxxxxxxx


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.