• Subject: Re: Limiting SQL Access
  • From: John Earl <johnearl@xxxxxxxxxxxxxxx>
  • Date: Tue, 28 Nov 2000 23:21:12 -0800
  • Organization: The PowerTech Group

Al,

MacWheel99@aol.com wrote:

> You can setup your library list so that in front of the library with the IBM
> command "STRSQL" or any other IBM command for that matter, is your own
> command with the identical name ... it does in fact run the IBM command, but
> before doing so, it does something that you want done, such as verification
> that the user meets some authority standards that you not want to put in
> using standard security techniques.

I've seen suggestions like this before, but personally fell that they are
ineffective against all but the least sophisticated users.  A simple "
QSYS/STRSQL " will bypass any security restrictions that you attach to your new
"STRSQL" command that is higher in the library list.

jte



--
John Earl                    johnearl@400security.com
The PowerTech Group      --> new number --> 253-872-7788
PowerLock Network Security   www.400security.com
--


+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2020 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].