110 lines
8.0 KiB
HTML
110 lines
8.0 KiB
HTML
|
<?xml version="1.0" encoding="UTF-8"?>
|
||
|
<!DOCTYPE html
|
||
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||
|
<html lang="en-us" xml:lang="en-us">
|
||
|
<head>
|
||
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
||
|
<meta name="security" content="public" />
|
||
|
<meta name="Robots" content="index,follow" />
|
||
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
||
|
<meta name="DC.Type" content="concept" />
|
||
|
<meta name="DC.Title" content="Specify public authority" />
|
||
|
<meta name="abstract" content="When you create a file, you can specify and grant public authority. Read about the values you can specify for public authority and how you can grant it." />
|
||
|
<meta name="description" content="When you create a file, you can specify and grant public authority. Read about the values you can specify for public authority and how you can grant it." />
|
||
|
<meta name="DC.subject" content="public authority, definition, authority, public, Edit Object Authority (EDTOBJAUT) command, EDTOBJAUT (Edit Object Authority) command, command, CL, EDTOBJAUT (Edit Object Authority), Edit Object Authority (EDTOBJAUT), Grant Object Authority (GRTOBJAUT) command, GRTOBJAUT (Grant Object Authority) command, GRTOBJAUT (Grant Object Authority), Grant Object Authority (GRTOBJAUT), Revoke Object Authority (RVKOBJAUT) command, RVKOBJAUT (Revoke Object Authority) command, RVKOBJAUT (Revoke Object Authority), Revoke Object Authority (RVKOBJAUT), AUT (Authority) parameter, Authority (AUT) parameter, parameter, AUT (Authority)" />
|
||
|
<meta name="keywords" content="public authority, definition, authority, public, Edit Object Authority (EDTOBJAUT) command, EDTOBJAUT (Edit Object Authority) command, command, CL, EDTOBJAUT (Edit Object Authority), Edit Object Authority (EDTOBJAUT), Grant Object Authority (GRTOBJAUT) command, GRTOBJAUT (Grant Object Authority) command, GRTOBJAUT (Grant Object Authority), Grant Object Authority (GRTOBJAUT), Revoke Object Authority (RVKOBJAUT) command, RVKOBJAUT (Revoke Object Authority) command, RVKOBJAUT (Revoke Object Authority), Revoke Object Authority (RVKOBJAUT), AUT (Authority) parameter, Authority (AUT) parameter, parameter, AUT (Authority)" />
|
||
|
<meta name="DC.Relation" scheme="URI" content="rbafosecuc.htm" />
|
||
|
<meta name="DC.Relation" scheme="URI" content="rbafopubaon.htm" />
|
||
|
<meta name="DC.Relation" scheme="URI" content="rbafosetdpaon.htm" />
|
||
|
<meta name="DC.Relation" scheme="URI" content="../cl/crtpf.htm" />
|
||
|
<meta name="DC.Relation" scheme="URI" content="../cl/crtsrcpf.htm" />
|
||
|
<meta name="DC.Relation" scheme="URI" content="../cl/edtobjaut.htm" />
|
||
|
<meta name="DC.Relation" scheme="URI" content="../cl/grtobjaut.htm" />
|
||
|
<meta name="DC.Relation" scheme="URI" content="../cl/rvkobjaut.htm" />
|
||
|
<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />
|
||
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 1998, 2006" />
|
||
|
<meta name="DC.Format" content="XHTML" />
|
||
|
<meta name="DC.Identifier" content="rbafosecpub" />
|
||
|
<meta name="DC.Language" content="en-us" />
|
||
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
||
|
<!-- US Government Users Restricted Rights -->
|
||
|
<!-- Use, duplication or disclosure restricted by -->
|
||
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
||
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
||
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
||
|
<title>Specify public authority</title>
|
||
|
</head>
|
||
|
<body id="rbafosecpub"><a name="rbafosecpub"><!-- --></a>
|
||
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
||
|
<h1 class="topictitle1">Specify public authority</h1>
|
||
|
<div><p>When you create a file, you can specify and grant public authority.
|
||
|
Read about the values you can specify for public authority and how you can
|
||
|
grant it.</p>
|
||
|
<div class="p">You can specify public authority through the AUT parameter on the Create
|
||
|
Physical File (CRTPF) or Create Source Physical File (CRTSRCPF) command. <em>Public
|
||
|
authority</em> is the authority available to any user who does not have specific
|
||
|
authority to the file or who is not a member of a group that has specific
|
||
|
authority to the file. Public authority is the last authority check made.
|
||
|
That is, if the user has specific authority to a file or the user is a member
|
||
|
of a group with specific authority, then the public authority is not checked.
|
||
|
Public authority can be specified as: <ul><li>*LIBCRTAUT. The library in which the file is created is checked to determine
|
||
|
the public authority of the file when the file is created. An authority is
|
||
|
associated with each library. This authority is specified when the library
|
||
|
is created, and all files created into the library are given this public authority
|
||
|
if the *LIBCRTAUT value is specified for the AUT parameter of the Create File
|
||
|
(CRTLF, CRTPF, and CRTSRCPF) commands. The *LIBCRTAUT value is the default
|
||
|
public authority.</li>
|
||
|
<li>*CHANGE. All users that do not have specific user or group authority to
|
||
|
the file have authority to change data in the file.</li>
|
||
|
<li>*USE. All users that do not have specific user or group authority to the
|
||
|
file have authority to read data in the file.</li>
|
||
|
<li>*EXCLUDE. Only the owner, security officer, users with specific authority,
|
||
|
or users who are members of a group with specific authority can use the file.</li>
|
||
|
<li>*ALL. All users that do not have specific user or group authority to the
|
||
|
file have all data authorities along with object operational, object management,
|
||
|
and object existence authorities.</li>
|
||
|
<li>Authorization list name. The authorization list is a list of users and
|
||
|
their authorities. The list allows users and their different authorities to
|
||
|
be grouped together.</li>
|
||
|
</ul>
|
||
|
<div class="note"><span class="notetitle">Note:</span> When you create a logical file, no data authorities are granted.
|
||
|
Consequently, *CHANGE is the same as *USE, and *ALL does not grant any data
|
||
|
authority.</div>
|
||
|
</div>
|
||
|
<div class="p">You can grant public authority in the following ways: <ul><li>Define public authority using iSeries™ Navigator. </li>
|
||
|
<li>Use the Edit Object Authority (EDTOBJAUT), Grant Object Authority (GRTOBJAUT),
|
||
|
or Revoke Object Authority (RVKOBJAUT) command to grant or revoke the public
|
||
|
authority of a file.</li>
|
||
|
</ul>
|
||
|
</div>
|
||
|
<p>You can also use iSeries Navigator to set default public authority
|
||
|
for a new file. </p>
|
||
|
</div>
|
||
|
<div>
|
||
|
<ul class="ullinks">
|
||
|
<li class="ulchildlink"><strong><a href="rbafopubaon.htm">Define public authority for a file using iSeries Navigator</a></strong><br />
|
||
|
Public authority is defined for every object on the system to describe
|
||
|
what type of access a user has to the object when that user has no specific
|
||
|
access to it. This topic shows how to define public authority for a file using
|
||
|
the iSeries Navigator.</li>
|
||
|
<li class="ulchildlink"><strong><a href="rbafosetdpaon.htm">Set a default public authority for new files using iSeries Navigator</a></strong><br />
|
||
|
Setting a default public authority allows you to have a common
|
||
|
authority that is assigned to all new objects when they are created in library.
|
||
|
You can edit the permissions for individual objects that require a different
|
||
|
level of security. Follow this to set a default public authority for new files
|
||
|
using the iSeries Navigator.</li>
|
||
|
</ul>
|
||
|
|
||
|
<div class="familylinks">
|
||
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rbafosecuc.htm" title="These topics describe the actions you can take to secure your database.">Secure a database</a></div>
|
||
|
</div>
|
||
|
<div class="relref"><strong>Related reference</strong><br />
|
||
|
<div><a href="../cl/crtpf.htm">Create Physical File (CRTPF) command</a></div>
|
||
|
<div><a href="../cl/crtsrcpf.htm">Create Source Physical File (CRTSRCPF) command</a></div>
|
||
|
<div><a href="../cl/edtobjaut.htm">Edit Object Authority (EDTOBJAUT) command</a></div>
|
||
|
<div><a href="../cl/grtobjaut.htm">Grant Object Authority (GRTOBJAUT) command</a></div>
|
||
|
<div><a href="../cl/rvkobjaut.htm">Revoke Object Authority (RVKOBJAUT) command</a></div>
|
||
|
</div>
|
||
|
</div>
|
||
|
</body>
|
||
|
</html>
|