Re: Change debug encryption on a program? -- MIDRANGE-L

Hi, Barbara,

Thanks for that clarification.

Testing reveals that in addition to what you have stated, a user without *ALLOBJ can also be prevented from viewing the *SOURCE by either revoking authority from the library or source file containing the source member, (or simply by renaming that source member), so "debug" does not "find" it where expected ... ;-) Debug then automatically reverts to using the *LISTING view, if present, and prompts for the password, if encrypted.

All the best,

Mark S. Waterbury

> On 3/7/2018 6:05 PM, Barbara Morris wrote:

On 2018-03-07 1:32 PM, Mark S Waterbury wrote:

Also, if you ship code compiled with DBGVIEW(*ALL) or DBGVIEW(*LISTING) and a DBGENCPWD("password"), any user with *ALLOBJ can apparently issue STRDBG for that object, and they can "see" the source views without having to enter the password ...

When compiled with DBGVIEW(*LIST) and DBGENCKEY(password), my experience is that even with *ALLOBJ, I can't see the listing view without specifying the password.

I agree that with DBGVIEW(*ALL), if the source is on the system, anyone with authority to the source can see the source debug view.

This mailing list archive is Copyright 1997-2026 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.