During installation the xxxPGMLIB and QOTHPRDOWN user profiles are created with a default password of LANSA. You need to change these passwords to make your system secure.
Files and folders in the JSM instance are shipped with the owner being QOTHPRDOWN and *PUBLIC authority of *EXCLUDE. The JSM user specified at install time is granted all data and object authority.
To allow other user profiles to access JSM files and folders you can use the i5/OS user profile primary group or supplemental group feature.
CHGUSRPRF USRPRF(MYUSER) GRPPRF(XXXXXXXXXX) OWNER(*USRPRF|*GRPPRF) SUPGRPPRF(xxxPGMLIB)
To change the data and object authorities of existing files and folders you can use the CHGJSMAUT, CHGJSMPGP, CHGAUT or CHGPGP commands.
By default, IFS files created by Java, inherit the *PUBLIC object authority from the parent directory. The system properties os400.file.create.auth and os400.dir.create.auth can be used to control the *PUBLIC object authority for created files and directories.
Specifying the properties without any values or with unsupported values results in a public authority of *NONE.
To change the *PUBLIC file and folder creation data authority to a particular value requires changing the following properties in the SystemDefault properties file.