1.  Home
  2. SECURITY400
  3. June 2006

Re: STRSRVJOB and database journal entries

But in the case below, isn't the Journal accurate?

Program reads in database record.  Pgm changes data, hits break point before
the update is issued.  Person uses CHGPGMVAR to change one of the fields and
then resumes execution.  Record update is done.  Journal accurately shoes
what the data was when the record was written/updated...AFTER the chgpgmvar!

Not seeing the problem.

Bob


-----Original Message-----
From: security400-bounces@xxxxxxxxxxxx [mailto:security400-
bounces@xxxxxxxxxxxx] On Behalf Of mlazarus@xxxxxxxxxxxxx
Sent: Wednesday, June 28, 2006 12:51 PM
To: security400@xxxxxxxxxxxx
Subject: Re: [Security400] STRSRVJOB and database journal entries

 You are also required to have at least *USE authority to the target job's
*USRPRF.  So, if the system in question has a gaping security hole
(allowing the user to debug the job in the first place), I wouldn't expect
IBM to log all changes to the journal, especially since those changes were
to memory, not yet in the database.

 -mark

Original Message:
-----------------
From: Hall, Philip phall@xxxxxxxx
Date: Wed, 28 Jun 2006 11:31:15 -0500
To: security400@xxxxxxxxxxxx
Subject: Re: [Security400] STRSRVJOB and database journal entries



I started a debug session for another job, using chgpgmvar I changed a
program variable that was due to be written to a database file and then

I

looked at the journal.
There was no trace of the fact that the job that wrote the modified

value

was interrupted in any way.
This looks like a problem, doesn't it?


Only if you put debug versions of your objects into production.


--------------------------------------------------------------------
mail2web - Check your email from the web at
http://mail2web.com/ .



_______________________________________________
This is the Security Administration on the AS400 / iSeries (Security400)
mailing list
To post a message email: Security400@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/security400
or email: Security400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/security400.

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.