ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzakz_5.4.0.1/rzakzquseadpaut.htm

113 lines
7.0 KiB
HTML
Raw Normal View History

2024-04-02 14:02:31 +00:00
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="Security system values: Users who can cause programs to use adopted authority from calling programs" />
<meta name="abstract" content="Specifies which users can work with programs with adopted authorities. (QUSEADPAUT)" />
<meta name="description" content="Specifies which users can work with programs with adopted authorities. (QUSEADPAUT)" />
<meta name="DC.Relation" scheme="URI" content="rzakzsecurityoverview.htm" />
<meta name="DC.Relation" scheme="URI" content="rzakzlocksecurity.htm" />
<meta name="DC.Relation" scheme="URI" content="rzakzfinder.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzakzquseadpaut" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Security system values: Users who can cause programs to use adopted
authority from calling programs</title>
</head>
<body id="rzakzquseadpaut"><a name="rzakzquseadpaut"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Security system values: Users who can cause programs to use adopted
authority from calling programs</h1>
<div><p>Specifies which users can work with programs with adopted authorities.
(QUSEADPAUT)</p>
<p><span class="uicontrol">Users who can cause programs to use adopted authority from calling
programs</span>, also known as <span class="uicontrol">QUSEADPAUT</span>, is
a member of the security category of i5/OS™ system values. You can use this system
value to specify which users can work with programs with adopted authorities.
To learn more, keep reading.</p>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="border" border="1" rules="all"><thead align="left"><tr><th colspan="2" valign="top" class="firstcol" id="d0e31">Quick reference</th>
</tr>
</thead>
<tbody><tr><th valign="top" class="firstcol" id="d0e35" headers="d0e31 ">Location</th>
<td valign="top" headers="d0e35 d0e31 ">In iSeries™ Navigator,
select your system, <span class="menucascade"><span class="uicontrol"></span> &gt; <span class="uicontrol">Configuration
and Service</span> &gt; <span class="uicontrol">System Values</span> &gt; <span class="uicontrol">Security</span> &gt; <span class="uicontrol">General</span></span></td>
</tr>
<tr><th valign="top" class="firstcol" id="d0e53" headers="d0e31 ">Special authority</th>
<td valign="top" headers="d0e53 d0e31 ">All object (*ALLOBJ) and security administrator (*SECADM)</td>
</tr>
<tr><th valign="top" class="firstcol" id="d0e58" headers="d0e31 ">Default value</th>
<td valign="top" headers="d0e58 d0e31 ">All users</td>
</tr>
<tr><th valign="top" class="firstcol" id="d0e63" headers="d0e31 ">Changes take effect</th>
<td valign="top" headers="d0e63 d0e31 ">Immediately</td>
</tr>
<tr><th valign="top" class="firstcol" id="d0e68" headers="d0e31 ">Lockable</th>
<td valign="top" headers="d0e68 d0e31 ">Yes Lock function of security-related system values<br /><img src="rzakz503.gif" alt="Lockable system value" /><br /> (Click for details)</td>
</tr>
</tbody>
</table>
</div>
<div class="section"><h4 class="sectiontitle">What can I do with this system value?</h4><p>You may define
which users can create, change and update programs that use the authority
of the program which called them. The specified users can work with programs
that have the use adopted authority attribute set to yes (USEADPAUT(*YES)).</p>
<p>A
user is able to create a program (Program A) that uses the authority of another
program (Program B) when Program A is called by Program B.</p>
<p>Possible
options are:</p>
<dl><dt class="dlterm">All users (*NONE)</dt>
<dd>All users can create, change, or update programs and service programs
to use the authority of the program which called them if the user has the
necessary authority to the program or service program.</dd>
<dt class="dlterm">Authorization list</dt>
<dd>An authorization list is used to secure objects with similar security
needs. Authority can be granted to the list rather than to the individual
objects. <p>The user's authority is checked against the specified authorization
list. This authority cannot come from adopted authority. If the user has at
least the USE authority attribute in the specified authorization list, the
user can create, change, or update programs or service programs that use the
authority of the program which called them.</p>
<p>If the specified authorization
list does not exist, the operation being attempted will not complete. A message
is sent indicating this. If more than one operation is requested on the command
or API, and the authorization list does not exist, the operation is not performed.
If the command being attempted when the authorization list cannot be found
is Create Pascal Program (CRTPASPGM) or Create Basic Program (CRTBASPGM),
the result is a function check. This is a type of error. It is not a security
check.</p>
</dd>
</dl>
</div>
<div class="section"><h4 class="sectiontitle">Where can I get more information about this system value?</h4><p>To
learn more, go to the security system values overview topic. If you are looking
for a specific system value or category of system values, try using the i5/OS system
value finder.</p>
</div>
</div>
<div><div class="relconcepts"><strong>Related concepts</strong><br />
<div><a href="rzakzsecurityoverview.htm" title="Use i5/OS security system values to control object, user, and system security values.">System values: Security overview</a></div>
<div><a href="rzakzlocksecurity.htm" title="Find information about how to lock and unlock system values. Only some system values can be locked. This will provide you with a description of the lock function, what system values can be locked, and how to lock and unlock them.">Lock function of security-related system values</a></div>
</div>
<div class="relinfo"><strong>Related information</strong><br />
<div><a href="rzakzfinder.htm">System value finder</a></div>
</div>
</div>
</body>
</html>