× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  • Subject: Re: configuration of c/s application
  • From: John Earl <johnearl@xxxxxxxxxx>
  • Date: Fri, 16 Jan 1998 15:32:26 -0800

Paul,

At 06:02 AM 1/14/98 -0500, you wrote:
>Dan:
>
>        I would forget using ODBC unless you can guarantee that the users
>connecting with it have no authority to use any files on the machine in a
>manner that you don't want them to, as any of the standard PC applications
>will give them the ability to read anything that they have authority to on
>the AS/400, and database applications such as Access or Paradox will let
>them update or delete the data.


Considering how AS/400 software vendors have designed(sic) their security,
your concerns about ODBC transactions are understanable.  But the situation
is not as hopeless as you think.  It _is_ possible to secure PC's from ODBC
transactions through the Client Access exit points, and that security can be
as good or better than any security that you can get from a middleware
product such as PowerBuilder or Progress.  

With exit points you can turn off certain ODBC functions (such as update),
you can limit which users can access certain ODBC functions (ex: only
supervisors can perform Selects), and you can regulate which objects users
have acccess to (ex: only the payroll supervisor can Select the payroll
file).  They're really quite flexible.  

I've been involved in a number of client server security projects (including
a large one that relied on the Progress middleware tool).  Exit points and
ODBC can be as secure as all of the other solutions, if they're done
correctly.  You can build your own exit point system using IBM 's Server
Administration Guide, or you can purchase a product like ours (Though I
would argue that you can't write it for less than what we sell ours for :).
Either way, it's they're your best bet for securing Client Server transactions.


jte
--

John Earl       Lighthouse Software Inc.
8514 71st NW    Gig Harbor, WA 98335
253-858-7388    johnearl@lns400.com

Without Lighthouse Network Security/400, your AS/400 is wide open.

+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to "MIDRANGE-L@midrange.com".
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---


As an Amazon Associate we earn from qualifying purchases.

This thread ...


Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.