Do not use Application Administration as a security tool.
Application Administration was designed for customizing the functions
available on your client PC. You should not use Application Administration
for administering security on your client PC for these reasons:
- Application Administration uses the Windows® registry to cache restrictions
on the client PC. A skilled user who is restricted from a function by Application
Administration could obtain access to the function by editing the registry.
- If multiple interfaces exist to the same resource, restricting a single
interface through Application Administration does not restrict the other interfaces
to the same resource. For example, you can restrict a user from accessing
the database function of iSeries™ Navigator through Application Administration.
However, the user can still access database files by using other database
interfaces, such as Open Database Connectivity (ODBC) or database control
language (CL) commands.