friedkiwi/ibm-information-center
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
0332907f0f
ibm-information-center/dist/eclipse/plugins/i5OS.ic.dm_5.4.0.1/rbal3secpub.htm

87 lines
7.2 KiB
HTML
Raw Blame History

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2005" />
<meta name="DC.rights.owner" content="(C) Copyright IBM Corporation 2005" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="Limit access to files and data when creating files" />
<meta name="abstract" content="Specifying authorities allows you to control access to a file. You use the AUT parameter on the create command to specify public authority when you create a file" />
<meta name="description" content="Specifying authorities allows you to control access to a file. You use the AUT parameter on the create command to specify public authority when you create a file" />
<meta name="DC.subject" content="public authority, AUT parameter, file, security, public authority, authority, public, command, CL, EDTOBJAUT (Edit Object Authority), Edit Object Authority (EDTOBJAUT) command, EDTOBJAUT (Edit Object Authority) command, Edit Object Authority (EDTOBJAUT) command, EDTOBJAUT (Edit Object Authority), Edit Object Authority (EDTOBJAUT), object authority, editing, object authority, Grant Object Authority (GRTOBJAUT) command, GRTOBJAUT (Grant Object Authority), GRTOBJAUT (Grant Object Authority) command, Grant Object Authority (GRTOBJAUT) command, GRTOBJAUT (Grant Object Authority), Grant Object Authority (GRTOBJAUT), granting, Revoke Object Authority (RVKOBJAUT) command, RVKOBJAUT (Revoke Object Authority) command, Revoke Object Authority (RVKOBJAUT) command, RVKOBJAUT (Revoke Object Authority), Revoke Object Authority (RVKOBJAUT), revoking, RVKOBJAUT (Revoke Object Authority), commands used, parameter, AUT, AUT (authority) parameter, authorization, list name value" />
<meta name="keywords" content="public authority, AUT parameter, file, security, public authority, authority, public, command, CL, EDTOBJAUT (Edit Object Authority), Edit Object Authority (EDTOBJAUT) command, EDTOBJAUT (Edit Object Authority) command, Edit Object Authority (EDTOBJAUT) command, EDTOBJAUT (Edit Object Authority), Edit Object Authority (EDTOBJAUT), object authority, editing, object authority, Grant Object Authority (GRTOBJAUT) command, GRTOBJAUT (Grant Object Authority), GRTOBJAUT (Grant Object Authority) command, Grant Object Authority (GRTOBJAUT) command, GRTOBJAUT (Grant Object Authority), Grant Object Authority (GRTOBJAUT), granting, Revoke Object Authority (RVKOBJAUT) command, RVKOBJAUT (Revoke Object Authority) command, Revoke Object Authority (RVKOBJAUT) command, RVKOBJAUT (Revoke Object Authority), Revoke Object Authority (RVKOBJAUT), revoking, RVKOBJAUT (Revoke Object Authority), commands used, parameter, AUT, AUT (authority) parameter, authorization, list name value" />
<meta name="DC.Relation" scheme="URI" content="rbal3scurty.htm" />
<meta name="DC.Relation" scheme="URI" content="rbal3ft.htm" />
<meta name="DC.Relation" scheme="URI" content="../books/sc415302.pdf" />
<meta name="DC.Relation" scheme="URI" content="../rzamv/rzamvplansec.htm" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rbal3secpub" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Limit access to files and data when creating files</title>
</head>
<body id="rbal3secpub"><a name="rbal3secpub"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Limit access to files and data when creating files</h1>
<div><p>Specifying authorities allows you to control access to a file.
You use the AUT parameter on the create command to specify public authority
when you create a file</p>
<div class="section"><h4 class="sectiontitle">What public authority is</h4><div class="p">Public authority
is authority that is available to any user who does not have specific authority
to the file or who is not a member of a group that has specific authority
to the file. That is, if the user has specific authority to a file or the
user is a member of a group with specific authority, then the public authority
is not checked when a user performs an operation to the file. Public authority
can be specified as: <ul><li>*LIBCRTAUT. All users that do not have specific user or group authority
to the file have authority determined by the library in which the file is
being created. The library value is specified by the *CRTAUT command to establish
a public authority for this library.</li>
<li>*CHANGE. All users that do not have specific user or group authority
to the file have authority to use the file. The *CHANGE value is the default
public authority. *CHANGE grants any user object operational and all data
authorities.</li>
<li>*USE. All users that do not have specific user or group authority to
the file have authority to use the file. *USE grants any user object operational,
execute, and read data authority.</li>
<li>*EXCLUDE. Only the owner, security officer, users with specific authority,
or users who are members of a group with specific authority can change or
use the file.</li>
<li>*ALL. All users that do not have specific user or group authority to the
file have all data authorities and all object authorities.</li>
<li>Authorization list name. An authorization list is a list of users and
their authorities. The list allows users and their different authorities to
be grouped together.</li>
</ul>
</div>
</div>
<div class="section"><h4 class="sectiontitle">Specify or changing authorities on existing files</h4><p>To
specify or change public authority on an existing file, use the <a href="../cl/edtobjaut.htm">Edit Object Authority (EDTOBJAUT)</a>, <a href="../cl/grtobjaut.htm">Grant Object Authority
(GRTOBJAUT)</a>, or <a href="../cl/rvkobjaut.htm">Revoke
Object Authority (RVKOBJAUT</a>) commands to grant or revoke the public
authority of a file.</p>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rbal3scurty.htm" title="The iSeries provides many security features help you control accesses to data and files.">Security</a></div>
</div>
<div class="relconcepts"><strong>Related concepts</strong><br />
<div><a href="rbal3ft.htm">File types</a></div>
</div>
<div class="relinfo"><strong>Related information</strong><br />
<div><a href="../books/sc415302.pdf" target="_blank">iSeries Security Reference PDF</a></div>
<div><a href="../rzamv/rzamvplansec.htm">Plan and set up system security</a></div>
</div>
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink