Security level 20

Security level 20 provides more security functions than level 10. However, because at security level 20 all profiles are created with *ALLOBJ special authority by default, security level 20 is not recommended either. Running your server at this security level is both a security and integrity risk as you do not have the protection of the higher security levels, 40 and 50, activated and being enforced.

Security level 20 provides the following security functions:
  • Both user ID and password are required to sign on.
  • Only a security officer or someone with *SECADM special authority can create user profiles.
  • The limit capabilities value specified in the user profile is enforced.

Start of changeYou cannot set your security level to 20. If your system is currently at level 20, your system will remain at level 20. If you change the system level to some other value, you cannot change it back to level 20.End of change