2.2.1 File and Folder Security

During installation the xxxPGMLIB and QOTHPRDOWN user profiles are created with a default password of LANSA. You need to change these passwords to make your system secure.

Files and folders in the JSM instance are shipped with the owner being QOTHPRDOWN and *PUBLIC authority of *EXCLUDE. The JSM user specified at install time is granted all data and object authority.

To allow other user profiles to access JSM files and folders you can use the i5/OS user profile primary group or supplemental group feature.



To change the data and object authorities of existing files and folders you can use the CHGJSMAUT, CHGJSMPGP, CHGAUT or CHGPGP commands.

By default, IFS files created by Java, inherit the *PUBLIC object authority from the parent directory. The system properties os400.file.create.auth and os400.dir.create.auth can be used to control the *PUBLIC object authority for created files and directories.

Specifying the properties without any values or with unsupported values results in a public authority of *NONE.




To change the *PUBLIC file and folder creation data authority to a particular value requires changing the following properties in the SystemDefault properties file.