Users can use the System Request function to pause the current job and access the System Request Menu. This menu enables users to send and view messages, switch to a secondary job, or terminate the current job.
However, this poses a potential security risk, since the default public authority for the System Request Menu is set to *USE when the system is shipped.
The most straightforward method to prevent users from accessing this menu is to limit authority to the panel group QGMNSYSR.
To restrict specific users from accessing the System Request Menu, assign *EXCLUDE to those users.
GRTOBJAUT OBJ(QSYS/QGMNSYSR) OBJTYPE(*PNLGRP) USER(username) AUT(*EXCLUDE)
To restrict access to the System Request Menu for most users, revoke public authority and assign *USE authority exclusively to specific users.
RVKOBJAUT OBJ(QSYS/QGMNSYSR) OBJTYPE(*PNLGRP) USER(*PUBLIC) AUT(*ALL)
GRTOBJAUT OBJ(QSYS/QGMNSYSR) OBJTYPE(*PNLGRP) USER(username) AUT(*USE)
Recommendation: use a user group as the username, and grant access simply by adding users to that group.
Prevent only some menu options
You can prevent access to specific menu options by revoking access to the underlying commands behind those menu options.
Options and commands for the system request menu
Option | Command |
---|---|
1 | Transfer Secondary Job (TFRSECJOB) |
2 | End Request (ENDRQS) |
3 | Display Job (DSPJOB) |
4 | Display Message (DSPMSG) |
5 | Send Message (SNDMSG) |
6 | Display Message (DSPMSG) |
7 | Display Workstation User (DSPWSUSR) |
10 | Start System Request at Previous System (TFRPASTHR). (See note below.) |
11 | Transfer to previous system (TFRPASTHR). (See note below.) |
12 | Display 3270 emulation options (See note below.) |
13 | Start System Request at Home System (TFRPASTHR). (See note below.) |
14 | Transfer to Home System (TFRPASTHR). (See note below.) |
15 | Transfer to End System (TFRPASTHR). (See note below.) |
80 | Disconnect Job (DSCJOB) |
90 | Sign-Off (SIGNOFF) |
For example, if you want to prevent access to SYSREQ(1), you can just revoke access to the TFRSECJOB command:
RVKOBJAUT OBJ(TFRSECJOB) OBJTYPE(*CMD) USER(*PUBLIC) AUT(*ALL)
GRTOBJAUT OBJ(TFRSECJOB) OBJTYPE(*CMD) USER(username) AUT(*USE)
Easy Peasy!
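To check the result of the changes above, the following query is an added example (not part of the original page). It lists every authority entry on the System Request panel group and on the commands from the options table, and marks the rows where *PUBLIC is still not excluded. It assumes an IBM i release that provides the QSYS2.OBJECT_PRIVILEGES view and that the commands reside in QSYS.

```sql
-- Added example: audit who can reach the System Request Menu and the
-- commands behind its options. Run from ACS Run SQL Scripts or STRSQL.
-- Assumption: the QSYS2.OBJECT_PRIVILEGES view is available on this release.
SELECT system_object_name AS obj_name,
       object_type,
       authorization_name,
       object_authority,
       -- Mark entries where the public still has some authority
       CASE
         WHEN authorization_name = '*PUBLIC'
          AND object_authority <> '*EXCLUDE'
         THEN 'PUBLIC NOT EXCLUDED'
         ELSE ''
       END AS public_note
FROM   qsys2.object_privileges
WHERE  system_object_schema = 'QSYS'
  AND  (
         -- The panel group that displays the System Request Menu
         (system_object_name = 'QGMNSYSR' AND object_type = '*PNLGRP')
         OR
         -- The commands listed in the options table above
         (object_type = '*CMD'
          AND system_object_name IN ('TFRSECJOB', 'ENDRQS', 'DSPJOB',
                                     'DSPMSG', 'SNDMSG', 'DSPWSUSR',
                                     'TFRPASTHR', 'DSCJOB', 'SIGNOFF'))
       )
ORDER BY object_type, obj_name, authorization_name;
```

A row for a group profile covers every member of that group. Users with *ALLOBJ special authority are not limited by these object authorities and will not show up as a separate row.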