PRTPRFUSR -- Print Profile User

PRTPRFUSR PRINT PROFILE USER TAASELI
The Print Profile User command lists profiles with ALLOBJ authority, along with profiles with USE authority or greater to that profile. The report is generated into a spool file, PRTPRFUSR. The command is meant to help a system security officer determine security exposures on the system, due to profiles having excessive authority. For each ALLOBJ profile, the output lists what type of PUBLIC authority is set. Special note should be made of any profiles with PUBLIC USE, as these can be a major security risk. Secondly, the output lists any profile with USE authority or greater to the ALLOBJ profile. The specific authority level is indicated - ALL, CHANGE, USE, or USER DEF >= USE. A typical command would be entered as: PRTUSRPRF Future enhancements may provide additional profile selection criteria so other types of analysis can be done. Command parameters CMD ------------------ None Restrictions ------------ You must have ALLOBJ authority to run this command. Prerequisites ------------- The following TAA Tools must be on your system: RTVSPCAUT Retrieve special authority RTVPUBAUT Retrieve public authority CHKSPCAUT Check special authority SNDCOMPMSG Send completion message SNDESCMSG Send escape message SNDSTSMSG Send status message SNDESCINF Send escape info CRTUSRSPC Create user space EDTVAR Edit variable Implementation -------------- None, the tool is ready to use. Objects used by the tool ------------------------ Object Type Attribute Src member Src file ------ ---- --------- ---------- ---------- PRTPRFUSR CMD TAASELI QATTCMD TAASELIC PGM CLP TAASELIC QATTCL TAASELIR *PGM RPG TAASELIR QATTRPG

PRTPRFUSR       PRINT PROFILE USER                     TAASELI


The Print Profile  User command lists profiles with  *ALLOBJ authority,
along  with profiles with  *USE authority  or greater to  that profile.
The report is generated into a spool file, PRTPRFUSR.

The  command  is  meant to  help  a system  security  officer determine
security exposures  on the  system,  due to  profiles having  excessive
authority.

For  each  *ALLOBJ profile,  the  output  lists  what type  of  *PUBLIC
authority  is set.   Special note should  be made of  any profiles with
*PUBLIC *USE, as these can be a major security risk.

Secondly, the output lists any  profile with *USE authority or  greater
to the  *ALLOBJ profile.  The  specific authority level is  indicated -
*ALL, *CHANGE, *USE, or USER DEF >= *USE.

A typical command would be entered as:

      PRTUSRPRF

Future  enhancements may provide additional  profile selection criteria
so other types of analysis can be done.

Command parameters                                    *CMD
------------------

None

Restrictions
------------

You must have *ALLOBJ authority to run this command.

Prerequisites
-------------

The following TAA Tools must be on your system:

          RTVSPCAUT     Retrieve special authority
          RTVPUBAUT     Retrieve public authority
          CHKSPCAUT     Check special authority
          SNDCOMPMSG    Send completion message
          SNDESCMSG     Send escape message
          SNDSTSMSG     Send status message
          SNDESCINF     Send escape info
          CRTUSRSPC     Create user space
          EDTVAR        Edit variable

Implementation
--------------

None, the tool is ready to use.

Objects used by the tool
------------------------

   Object        Type        Attribute      Src member    Src file
   ------        ----        ---------      ----------    ----------

   PRTPRFUSR     *CMD                       TAASELI       QATTCMD
   TAASELIC      *PGM           CLP         TAASELIC      QATTCL
   TAASELIR      *PGM           RPG         TAASELIR      QATTRPG

Added to TAA Productivity tools October 15, 2015

Home Page

Up to Top