Midrange News for the IBM i Community

Posted by: Bob Cozzi
Rogue Programmer
Cozzi Productions, Inc.
Is the Basic Job Schedule a Security Hole?
has no ratings.
Published: 09 Nov 2012
Revised: 23 Jan 2013 - 2246 days ago
Last viewed on: 19 Mar 2019 (3897 views) 

Using IBM i? Need to create Excel, CSV, HTML, JSON, PDF, SPOOL reports? Learn more about the fastest and least expensive tool for the job: SQL iQuery.

Is the Basic Job Schedule a Security Hole? Published by: Bob Cozzi on 09 Nov 2012 view comments(13)

It just occurred to me that I can add a job scheduler entry (ADDJOBSCDE) and specify a user profile under which the scheduled job will run.

What if specify QSECOFR or another "powerful" user profile as the user profile?

What if the program that will be run is a CL program that changes "my" user profile to *ALLOBJ?

I may have to try this at home.

Return to midrangenews.com home page.
Sort Ascend | Descend