113 lines
7.0 KiB
HTML
113 lines
7.0 KiB
HTML
|
<?xml version="1.0" encoding="UTF-8"?>
|
||
|
<!DOCTYPE html
|
||
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||
|
<html lang="en-us" xml:lang="en-us">
|
||
|
<head>
|
||
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
||
|
<meta name="security" content="public" />
|
||
|
<meta name="Robots" content="index,follow" />
|
||
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
||
|
<meta name="DC.Type" content="concept" />
|
||
|
<meta name="DC.Title" content="Security system values: Users who can cause programs to use adopted authority from calling programs" />
|
||
|
<meta name="abstract" content="Specifies which users can work with programs with adopted authorities. (QUSEADPAUT)" />
|
||
|
<meta name="description" content="Specifies which users can work with programs with adopted authorities. (QUSEADPAUT)" />
|
||
|
<meta name="DC.Relation" scheme="URI" content="rzakzsecurityoverview.htm" />
|
||
|
<meta name="DC.Relation" scheme="URI" content="rzakzlocksecurity.htm" />
|
||
|
<meta name="DC.Relation" scheme="URI" content="rzakzfinder.htm" />
|
||
|
<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />
|
||
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 1998, 2006" />
|
||
|
<meta name="DC.Format" content="XHTML" />
|
||
|
<meta name="DC.Identifier" content="rzakzquseadpaut" />
|
||
|
<meta name="DC.Language" content="en-us" />
|
||
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
||
|
<!-- US Government Users Restricted Rights -->
|
||
|
<!-- Use, duplication or disclosure restricted by -->
|
||
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
||
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
||
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
||
|
<title>Security system values: Users who can cause programs to use adopted
|
||
|
authority from calling programs</title>
|
||
|
</head>
|
||
|
<body id="rzakzquseadpaut"><a name="rzakzquseadpaut"><!-- --></a>
|
||
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
||
|
<h1 class="topictitle1">Security system values: Users who can cause programs to use adopted
|
||
|
authority from calling programs</h1>
|
||
|
<div><p>Specifies which users can work with programs with adopted authorities.
|
||
|
(QUSEADPAUT)</p>
|
||
|
<p><span class="uicontrol">Users who can cause programs to use adopted authority from calling
|
||
|
programs</span>, also known as <span class="uicontrol">QUSEADPAUT</span>, is
|
||
|
a member of the security category of i5/OS™ system values. You can use this system
|
||
|
value to specify which users can work with programs with adopted authorities.
|
||
|
To learn more, keep reading.</p>
|
||
|
|
||
|
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="border" border="1" rules="all"><thead align="left"><tr><th colspan="2" valign="top" class="firstcol" id="d0e31">Quick reference</th>
|
||
|
</tr>
|
||
|
</thead>
|
||
|
<tbody><tr><th valign="top" class="firstcol" id="d0e35" headers="d0e31 ">Location</th>
|
||
|
<td valign="top" headers="d0e35 d0e31 ">In iSeries™ Navigator,
|
||
|
select your system, <span class="menucascade"><span class="uicontrol"></span> > <span class="uicontrol">Configuration
|
||
|
and Service</span> > <span class="uicontrol">System Values</span> > <span class="uicontrol">Security</span> > <span class="uicontrol">General</span></span></td>
|
||
|
</tr>
|
||
|
<tr><th valign="top" class="firstcol" id="d0e53" headers="d0e31 ">Special authority</th>
|
||
|
<td valign="top" headers="d0e53 d0e31 ">All object (*ALLOBJ) and security administrator (*SECADM)</td>
|
||
|
</tr>
|
||
|
<tr><th valign="top" class="firstcol" id="d0e58" headers="d0e31 ">Default value</th>
|
||
|
<td valign="top" headers="d0e58 d0e31 ">All users</td>
|
||
|
</tr>
|
||
|
<tr><th valign="top" class="firstcol" id="d0e63" headers="d0e31 ">Changes take effect</th>
|
||
|
<td valign="top" headers="d0e63 d0e31 ">Immediately</td>
|
||
|
</tr>
|
||
|
<tr><th valign="top" class="firstcol" id="d0e68" headers="d0e31 ">Lockable</th>
|
||
|
<td valign="top" headers="d0e68 d0e31 ">Yes Lock function of security-related system values<br /><img src="rzakz503.gif" alt="Lockable system value" /><br /> (Click for details)</td>
|
||
|
</tr>
|
||
|
</tbody>
|
||
|
</table>
|
||
|
</div>
|
||
|
<div class="section"><h4 class="sectiontitle">What can I do with this system value?</h4><p>You may define
|
||
|
which users can create, change and update programs that use the authority
|
||
|
of the program which called them. The specified users can work with programs
|
||
|
that have the use adopted authority attribute set to yes (USEADPAUT(*YES)).</p>
|
||
|
<p>A
|
||
|
user is able to create a program (Program A) that uses the authority of another
|
||
|
program (Program B) when Program A is called by Program B.</p>
|
||
|
<p>Possible
|
||
|
options are:</p>
|
||
|
<dl><dt class="dlterm">All users (*NONE)</dt>
|
||
|
<dd>All users can create, change, or update programs and service programs
|
||
|
to use the authority of the program which called them if the user has the
|
||
|
necessary authority to the program or service program.</dd>
|
||
|
<dt class="dlterm">Authorization list</dt>
|
||
|
<dd>An authorization list is used to secure objects with similar security
|
||
|
needs. Authority can be granted to the list rather than to the individual
|
||
|
objects. <p>The user's authority is checked against the specified authorization
|
||
|
list. This authority cannot come from adopted authority. If the user has at
|
||
|
least the USE authority attribute in the specified authorization list, the
|
||
|
user can create, change, or update programs or service programs that use the
|
||
|
authority of the program which called them.</p>
|
||
|
<p>If the specified authorization
|
||
|
list does not exist, the operation being attempted will not complete. A message
|
||
|
is sent indicating this. If more than one operation is requested on the command
|
||
|
or API, and the authorization list does not exist, the operation is not performed.
|
||
|
If the command being attempted when the authorization list cannot be found
|
||
|
is Create Pascal Program (CRTPASPGM) or Create Basic Program (CRTBASPGM),
|
||
|
the result is a function check. This is a type of error. It is not a security
|
||
|
check.</p>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
</div>
|
||
|
<div class="section"><h4 class="sectiontitle">Where can I get more information about this system value?</h4><p>To
|
||
|
learn more, go to the security system values overview topic. If you are looking
|
||
|
for a specific system value or category of system values, try using the i5/OS system
|
||
|
value finder.</p>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div><div class="relconcepts"><strong>Related concepts</strong><br />
|
||
|
<div><a href="rzakzsecurityoverview.htm" title="Use i5/OS security system values to control object, user, and system security values.">System values: Security overview</a></div>
|
||
|
<div><a href="rzakzlocksecurity.htm" title="Find information about how to lock and unlock system values. Only some system values can be locked. This will provide you with a description of the lock function, what system values can be locked, and how to lock and unlock them.">Lock function of security-related system values</a></div>
|
||
|
</div>
|
||
|
<div class="relinfo"><strong>Related information</strong><br />
|
||
|
<div><a href="rzakzfinder.htm">System value finder</a></div>
|
||
|
</div>
|
||
|
</div>
|
||
|
</body>
|
||
|
</html>
|