John,
If you don't have an exit program for the QIBM_QRQ_SQL, QIBM_QZDA_SQL1 and QIBM_QZDA_SQL2 exit points that filter table names you will have to use object level authority on the files themselves.
Going to object level security is probably your most secure method though.
o Program access is restricted by authorization list.
o Programs adopt the authority necessary to access the database (owned by a profile that can add/update/delete records in a file).
o Database access is restricted by authorization list. *PUBLIC is given *EXCLUDE rights to all your files.
o Add read rights to users as needed to the authorization list.
You can create authorization lists in whatever scheme/granularity suits your shop.
HTH
Gary Monnier
-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of John Candidi
Sent: Friday, March 02, 2012 11:49 AM
To: Midrange Systems Technical Discussion
Subject: ODBC question
How do you give someone read only capability when accessing the I series via ODBC or transfer functions? We are still on 5.2 going to 5.4
John A. Candidi
American European Insurance Group
IT Systems, Application and Support Manager, CSO Office (856-779-6915) Mobile (484-645-5598) jacandidi@xxxxxxxxxxxxxxxxx
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit:
http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at
http://archive.midrange.com/midrange-l.
midrange.com
