When the system accesses an object that you refer to, it checks
to determine if you are authorized to use the object and to use it in the
way you are requesting.
Generally, you must be authorized at two levels:
- You must be authorized to use the object on which you have requested a
function to be performed.
- You must be authorized to the library containing the object. If a library
list is used, you must be authorized to the libraries in the list.
Object authority is controlled by the system's security functions, which
include the following:
- An object owner and users with *ALLOBJ special authority have all authority
for an object, and can grant and revoke authority to and from other users.
- Users have public authority when private authority has not been granted
to them for the object.
Special considerations apply when writing a program that must be secure
(for example, a program that adopts the security officer's user profile).