Setting up security on IBM i
Security on IBM® i is implemented using the IBM MQ Object Authority Manager (OAM) and IBM i object level security.
The following security considerations apply when determining access authority to IBM MQ objects:
- Grant and revoke authorities to the IBM MQ for IBM i commands using the IBM i GRTOBJAUT and RVKOBJAUT commands.
  In the QMQM library, certain noncommand (*cmd) objects are set to have *PUBLIC authority to *USE. Do not change the authorities of these objects or use an authorization list to provide authority. Any incorrect authority might compromise IBM MQ functionality.
- During installation of IBM MQ for IBM i, the following special user profiles are created:
  - QMQM: used primarily for internal product-only functions. However, it can be used to run trusted applications using MQCNO_FASTPATH_BINDINGS. See Connecting to a queue manager using the MQCONNX call.
  - QMQMADM: used as a group profile for administrators of IBM MQ. The group profile gives access to CL commands and IBM MQ resources.
  When using SBMJOB to submit programs that call IBM MQ commands, USER must not be set explicitly to QMQMADM. Instead, set USER to QMQM or another user profile that has QMQMADM specified as a group.
- If you are sending channel commands to remote queue managers, ensure that your user profile is a member of the group QMQMADM on the target system. For a list of PCF and MQSC channel commands, see IBM MQ for IBM i CL commands.
- The group set associated with a user is cached when the group authorizations are computed by the OAM.
  Any changes made to a user's group memberships after the group set has been cached are not recognized until you restart the queue manager or execute RFRMQMAUT to refresh security.
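The two points above (submitting a job that runs IBM MQ commands under an appropriate user, and refreshing the OAM group cache after a group membership change) as an added IBM i CL example. This is not from the page or from IBM; the user profile MQADM1, the queue manager name QM1, the program MYLIB/MQJOB and the job name are constructed placeholders. The commands themselves (SBMJOB, CHGUSRPRF, RFRMQMAUT) are standard IBM i or IBM MQ for IBM i CL commands, and QMQM/QMQMADM are the profiles named on the page.

```cl
/* Submit a job that calls a program issuing IBM MQ commands.       */
/* The job runs as QMQM (a profile that has QMQMADM as a group),     */
/* not as QMQMADM directly, which the page says must not be used     */
/* as the USER value. MYLIB/MQJOB and the job name are constructed.  */
SBMJOB CMD(CALL PGM(MYLIB/MQJOB)) JOB(MQADMJOB) USER(QMQM)

/* Make an administrator profile a member of QMQMADM.                */
/* MQADM1 is a constructed example profile.                          */
CHGUSRPRF USRPRF(MQADM1) GRPPRF(QMQMADM)

/* The OAM caches a user's group set once it has computed that       */
/* user's authorizations, so the new membership is not seen until    */
/* the queue manager is restarted or its security is refreshed.      */
/* QM1 is a constructed queue manager name.                          */
RFRMQMAUT MQMNAME(QM1)
```

RFRMQMAUT only refreshes the OAM cache for the named queue manager; if MQADM1 administers several queue managers, run it once per queue manager, or restart each one.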
- Limit the number of users who have authority to work with commands that are particularly sensitive. These commands include:
  - Create Message Queue Manager (CRTMQM)
  - Delete Message Queue Manager (DLTMQM)
  - Start Message Queue Manager (STRMQM)
  - End Message Queue Manager (ENDMQM)
  - Start Command Server (STRMQMCSVR)
  - End Command Server (ENDMQMCSVR)
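An added IBM i CL example, not from the page or from IBM, of restricting one of the sensitive commands listed above using the GRTOBJAUT and RVKOBJAUT commands the page names. It assumes the IBM MQ command objects are *CMD objects in the QMQM library (the library the page refers to); the user profile MQADM1 is a constructed placeholder. The same three commands can be repeated for DLTMQM, STRMQM, ENDMQM, STRMQMCSVR and ENDMQMCSVR.

```cl
/* Show who currently holds authority to the Create Queue Manager    */
/* command before changing anything.                                 */
DSPOBJAUT OBJ(QMQM/CRTMQM) OBJTYPE(*CMD)

/* Remove the general public's authority to run CRTMQM.              */
RVKOBJAUT OBJ(QMQM/CRTMQM) OBJTYPE(*CMD) USER(*PUBLIC) AUT(*ALL)

/* Grant *USE (enough to run the command) to the IBM MQ              */
/* administrator group profile so its members keep access.           */
GRTOBJAUT OBJ(QMQM/CRTMQM) OBJTYPE(*CMD) USER(QMQMADM) AUT(*USE)

/* Optionally grant a single named administrator directly instead    */
/* of, or in addition to, the group. MQADM1 is a constructed name.   */
GRTOBJAUT OBJ(QMQM/CRTMQM) OBJTYPE(*CMD) USER(MQADM1) AUT(*USE)

/* Confirm the result: *PUBLIC should now show *EXCLUDE and only     */
/* QMQMADM (and MQADM1) should have *USE.                            */
DSPOBJAUT OBJ(QMQM/CRTMQM) OBJTYPE(*CMD)
```

Apply these only to the command objects you intend to restrict; the page notes that other objects in QMQM rely on their shipped *PUBLIC *USE authority and must not be changed.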
- Channel definitions contain a security exit program specification. Channel creation and modification require special considerations. Details of security exits are given in Security exit overview.
- The channel exit and trigger monitor programs can be substituted. The security of such replacements is the responsibility of the programmer.