Proper Use of QTEMP

June 5, 2002 Timothy Prickett Morgan

Hey, Ted:

In the article, “Suggestions for a Temporary Library,” the author writes the following statement: “…the top of the library list. QTEMP is already there.”

So many sites put QTEMP at the top of the library list to save qualifying file names with QTEMP. I have always felt that this exposes a potential security risk. This is mainly for reasons that might never happen, but, if damage can be done, some day it is bound to happen. For example, a user using Query/400 could easily create a file in QTEMP that has the same name as a file elsewhere in the library list. A subsequent program might reference the file in QTEMP rather than the one it should. Subsequent scenarios range from a harmless program crash to accidental or even deliberate file corruption.

To get around this, I suggest that QTEMP should ALWAYS be placed at the bottom of the library list and that references to files in QTEMP should ALWAYS be hard coded.

— Tony

Sponsored By looksoftware

Application Modernization made Easy! newlook allows you to rapidly re-face, web-enable, and extend your applications. And, newlook will integrate your iSeries applications with desktop applications like Notes, Excel, Word and Outlook in hours! Add file transfer, DDM, display and printer emulation using secure browser-based deployment and move to a new future with newlook. Download your FREE evaluation at www.looksoftware.com/down_main.htm and request a personal web-cast to see how easily newlook can rejuvenate your applications.