× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  • Subject: Re: Enable User Profile Program
  • From: John Earl <johnearl@xxxxxxxxxxxxxxx>
  • Date: Wed, 08 Mar 2000 22:25:41 -0800
  • Organization: The PowerTech Group

Eric,

See the code for the SETPWD command that I wrote for News/400 in
October 1993.  Although the code is a bit dated It handles the issues
you raise and some other important concerns as well.

jte

eric.ong@ap.bnpgroup.com wrote:
> 
> Yesterday, I actually compiled a CL program with only one command -
> CHGUSRPRF.
> 
> My purpose was to allow the operators to enable disabled user profiles,
> instead of coming to me. The adopted authority worked, but because the
> value for parameter USRPRF is a variable value, I inserted a ? before
> CHGUSRPRF in the CL program to prompt the operator to enter the desired
> user profile name. However, this presented a problem, the other parameter
> were shown and could be altered by the operator (the operators are running
> this program under the adopted authority of the QSECOFR, which poses a big
> security loophole). How, then could I resolve this problem?
> 
> Your valuable inputs will be greatly appreciated.
> 
> Thank you.
> 
> Rgds,
> Eric
> 
> 
>_____________________________________________________________________________________________________________________________________
> 
> L integrite de ce message n'etant pas assuree sur Internet, les societes du 
>groupe BNP Paribas ne peuvent etre tenues responsables de son contenu.
> Si vous n'etes pas destinataire de ce message, merci de le detruire et 
>d'avertir l'expediteur.
>                 
>----------------------------------------------------------------------------------
> The integrity of this message cannot be guaranteed on the Internet, companies 
>of the BNP Paribas group can not therefore be considered responsible for the 
>contents.
> If you are not the intended recipient of this message, then please delete it 
>and notify the sender.
> 
>_____________________________________________________________________________________________________________________________________
> +---
> | This is the Midrange System Mailing List!
> | To submit a new message, send your mail to MIDRANGE-L@midrange.com.
> | To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
> | To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
> | Questions should be directed to the list owner/operator: david@midrange.com
> +---

--
John Earl                                          
johnearl@powertechgroup.com
The PowerTech Group                        206-575-0711
PowerLock Network Security              www.400security.com
The 400 School                                www.400school.com
--
+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.