× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



> Yes - a big difference.
The point I was making (very poorly I guess) is that
called programs with *owner auth can be a security hazard if
they can be called at will by something like rmtcmd.
At that point, whether it's the dltf command or the *owner pgm
that does the same dltf (without some serious edits), ends in
the same result. The "and
_within_the_context_of_that_program's_instructions_"
becomes very important.I think we agree here.
jim

----- Original Message ----- 
From: "John Earl" <john.earl@xxxxxxxxxxxxx>
To: "Midrange Systems Technical Discussion" <midrange-l@xxxxxxxxxxxx>
Sent: Monday, January 26, 2004 3:32 PM
Subject: RE: Losing Authority to a file in Batch


> > well.... would it be any diff if C:\>rmtcmd //gdisys call
> > pgmxxx
> > and pgmxxx is compiled to *owner.
>
> Yes - a big difference - pgmxxx typically has a scoped set of work that
> a user can do such as "add a record" or Maintain Customer Info", or some
> such thing. and _within_the_context_of_that_program's_instructions_, the
> user is allowed to read or change data to the referenced files.
>
> Otherwise, at the rmtcmd prompt, the user is authorized to run any
> command that they (or *PUBLIC) is authorized to, and execute that
> command against any file that the user (or *PUBLIC) is authorized to.
> That's a huge difference.
>
> Adopted authority allows you to scope a user's access to a file - the
> scope being the set of instructions that are already compiled into the
> adopted authority program.
>
> jte
>
> --
> John Earl | Chief Technology Officer
> The PowerTech Group
> 19426 68th Ave. S
> Seattle, WA 98032
> (253) 872-7788 ext. 302
> john.earl@xxxxxxxxxxxxx
> www.powertech.com
>



As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.