QFileSvr.400 file system

 

With the QFileSvr.400 file system, a user (USERX) on one iSeries™ system (SYSTEMA) can access data on another connected iSeries system (SYSTEMB).

The USERX has an interface that is just like the Client Access interface. The remote iSeries server (SYSTEMB) appears as a directory with all its file systems as subdirectories. When USERX attempts to access SYSTEMB with this interface, SYSTEMA sends USERX’s user profile name and encrypted password to SYSTEMB. The same user profile and password must exist on SYSTEMB or SYSTEMB rejects the request. If SYSTEMB accepts the request, USERX appears to SYSTEMB just like any Client Access user. The same authority-checking rules apply to any actions that USERX attempts.

As a security administrator, you need to be aware that the QFileSvr.400 file system represents another possible door to your system. You cannot assume that you are limiting your remote users to an interactive sign on with display station passthrough. If you have the QSERVER subsystem running and your system is connected to another iSeries system, remote users can access your system as if they are on a local PC running Client Access. More than likely, your system will have a connection that needs to have the QSERVER subsystem running. This is yet another reason why a good object authority scheme is essential.

 

Parent topic:

Planning integrated file system security