Authority other than *EXCLUDE required to display objects within '/home' directory

In prior releases, only *R data authority to the '/home' directory was required for a user to process the objects linked in that directory. No authority was required to the objects themselves.

For example, a user with proper authority could display all the contents of '/home' with the Work with Object Links (WRKLNK) command, the Qshell 'ls' utility, and many other interfaces. In addition, applications could use various APIs such as readdir() or Qp0lProcessSubtree() to read the entries in the '/home' directory, list the contents of the directory, and report some of the attributes of the objects in '/home'.

Starting in IBM i 7.5, a directory entry in '/home' will only be returned or be visible to these interfaces if the user has some authority other than *EXCLUDE to the object itself in addition to having *R authority to the directory. This new authority requirement applies only to the '/home' directory, any variant of '/home' (such as '/HOME', '/Home', or '/HoMe'), and any directory that has ever been '/home' after IBM i 7.5 was installed.

For example, if '/home' was renamed to '/oldhome' and some other existing directory was renamed to '/home', both '/oldhome' and the new '/home' would exhibit the new behavior. In addition, if '/home' is removed from the system, the new authority restrictions would immediately apply to any directory restored to the system as '/home', even if the saved directory originally had a different name, was saved from a different system, or was saved from a previous release.

This new authority requirement could cause applications or system functions to skip over or not include objects that would have been processed in previous releases. This may result in new failures or other unexpected results. Granting additional authority to some objects might be required to ensure results consistent with previous releases.