• Subject: Re: File security
  • From: John Earl <johnearl@xxxxxxxxxx>
  • Date: Sat, 25 Jul 1998 09:57:36 -0700
  • Organization: Lighthouse Software

Pete Hall wrote:

> At 12:18 07/23/98 -0400, John Hall wrote:
>

<snip>

> Only grant update access to the objects that the user will actually be 
>updating. We allow read access to virtually everything else (company policy), 
>so there are plenty of spreadsheets, Access databases and crystal reports. 
>That's a good use for ODBC.


>
>
> For interactive users, remove the command line, only let them run the 
>programs that they need to run in order to do their jobs, and make them use 
>the menus. They're all LMTCPB(*YES).
>
> Use exit programs to prevent updating of ANYTHING in a production library by 
>ODBC or FTP unless the exact command has been registered as a permissible 
>command (not really as difficult as it sounds, but I still have some work to 
>do on that part). The preferred method of updating the data is via server 
>programs on the AS/400.

Also remember that Client Access users can issue commands
using Remote Command regardless of whether they are defined
as LMTCPB(*YES).


jte


+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---


This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2019 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available here. If you have questions about this, please contact [javascript protected email address].