× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



Rob:

"I've stumbled in to a few files, (normally IBM ones), that were created
with CRTPF ALWUPD(*NO) ALWDLT(*NO) These files cannot have records updated
or deleted by QSECOFR himself. I don't know how you originally populate
these files. Perhaps they can only be modified via some special APIs? But
if you figure this out it sounds
like exactly what you need."

Thanks Rob - that would be an idea worthy of researching. I'll look into
it. (And I see that the crtpf parms don't include an 'ALWADD = *NO' option
- so maybe the trick to populating the file is something akin to cpyf with
*ADD).

Evan:

"Another option would be to lock the files, although off hand I'm not sure
what lock you would need to leave read access available (*EXCLRD ?)."

I'm hoping to avoid coding to use alcobj if at all possible as I want to
minimize rpg/cl changes. My first thought is to try to remove the
'maintainability' from the data files themselves.

Tom:

"And you want the override in effect _only_ when the library target
is PURGELIB (or whatever its name is). When any other library is
being accessed, the override for those files should _not_ be in effect.

Two elements seem reasonable:

1. Control access to the *library* at the very least. Allow access only
through an option that sets overrides at entry and removes them on exit.
The option would also adopt authority for the library.

I have no idea what your application structure is nor what access is
granted to command-lines, <Attention> programs, etc.; but without some
general authority restriction, there seems no hope."

#1 was/is my initial strategy - users would have an option on their
initial signon menu to enter/leave the purge environment. Users don't have
command line access or attention key access, just menu driven application
access using adopted authority and the group profile they run under only
has jobctl authority.

"2. Also consider creating a journal just for the files in that library
and creating at least a generic trigger program for the files. In the
event that some update does happen, the journal can be used to set
everything back. If no updates happen, then there'll be minimal impact,
neither for performance nor space. No harm, no foul."

But if a change does get executed through some unexpected/unprotected
means, a generic trigger could send a signal
to a responsible administrator (or many of them). Send a message, send an
e-mail, send notices that changes need attention to be backed out. You
could also send (break?) messages out to the workstation if it's
interactive, saying "You're updating our history! Stop it! Don't change
the past."

A journal for recovery and trigger monitoring would both be useful for
*ALLOBJ or other accidents."

#2 sounds like good insurance. That was something I hadn't considered but
will make note of.

Chuck: Thanks for the lengthy strategy. There's some good ideas in there.

Thanks to all of you - you've provided plenty of material for me to
consider, and raised a few issues I hadn't yet thought of.

Regards, Jerry

Gerald Kern - MIS Project Leader
Lotus Notes/Domino Administrator
IBM Certified RPG IV Developer
The Toledo Clinic, Inc.
4235 Secor Road
Toledo, OH 43623-4299
Phone 419-479-5535
gkern@xxxxxxxxxxxxxxxx


This e-mail message, including any attachments, is for the sole use of the
intended recipient(s) and may contain confidential and privileged
information. Any unauthorized use, disclosure or distribution is
prohibited. If you are not the intended recipient, please inform the
sender by reply e-mail and destroy this and all copies of this message.

As an Amazon Associate we earn from qualifying purchases.

This thread ...


Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.