Changing Spool File Viewing Authority

摘要

QMy system is configured with object-level security, including limiting access to output queues. None of my users have Spool Control (*SPLCTL) authority. This was enough security to keep reports safe until my third-party ERP vendor added an option to run Work with Spool Files (WRKSPLF), in which the user can write any user he wants.The IBM i does not check any authority when displaying the list of spool files, so any user can see a list of all spool files. They cannot display, change, or delete the file. How can I prevent users from seeing spool files that they don't have authority to view?