I performed a scan last week where 1,400+ #IBMi users had *ALLOBJ special authority! This grants access to ANYTHING and EVERYTHING. They inadvertently had granted it to their users’ group profile. Don’t overlook this ‘hidden’ privilege inheritance when auditing your users.

I performed a scan last week where 1,400+ #IBMi users had *ALLOBJ special authority! This grants access to ANYTHING and EVERYTHING. They inadvertently had granted it to their users’ group profile. Don’t overlook this ‘hidden’ privilege inheritance when auditing your users.

– Robin Tatam (@robintatam)07:41 – May 02, 2022