Re: ODBC Security -- MIDRANGE-L


This message comes up on the list all the time.  Nice to see you're
concerned.

Standard option is to have all files owned by a user who is NOT a group
profile.  Have *PUBLIC have no authority, or *EXCLUDE,  to any file.  Then
change all of your 5250/batch/etc programs to use adopted authority of the
object owner.  I have an former coworker who had to implement this solution
at his current place of employment.  Now comes the final question:  How do
you let the people who really use ODBC and who have a legitimate reason, to
access these files?  After all we don't want to limit the 400 to green
screen only, do we?

The solutions may be numerous.  I am kind of anxious to here those.


Rob Berendt

==================
Remember the Cole!


                                                                                
                                         
                    Quazy                                                       
                                         
                    <quazy@SoftHome.net        To:     midrange-l@midrange.com  
                                         
                    >                          cc:                              
                                         
                    Sent by:                   Subject:     ODBC Security       
                                         
                    owner-midrange-l@mi                                         
                                         
                    drange.com                                                  
                                         
                                                                                
                                         
                                                                                
                                         
                    11/09/00 12:25 PM                                           
                                         
                    Please respond to                                           
                                         
                    MIDRANGE-L                                                  
                                         
                                                                                
                                         
                                                                                
                                         




How does everyone deal with security on the 400 and the ability to use
ODBC?

If production files are set to public authority to *change, what can I
do.  users don't have access to manipulate the data from the AS/400 (I have
taken all those ways away).  But even if a user with basically no authority
gets on through ODBC they could do anything they want to the database.


What is there you can do?

+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to
MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator:
david@midrange.com
+---



+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.