> From: email@example.com
> That seems to be the solution for many people. People are tired
> of dealing
> with the security of the 400 so they have the 400 duplicate all data to an
> intermediate box and then handle it from there.
"Tired of dealing with the security of the 400"? You're the first person
I've ever heard say that. I know people who can't be bothered with security
because it takes some effort to do correctly, but most people who value data
security appreciate the 400's built-in security model.
"Duplicate all data"? A bit of hyperbole. I only suggested mirroring the
data that you wish to allow unsecured access to. This is hardly "all data".
I doubt sincerely that you want anonymous access to your general ledger.
And if you allow unmonitored anonymous FTP or RUNRMTCMD to a machine where
general ledger information is stored, and you haven't implemented a proper
security model, then you have done just that. You might as post the
information directly to the web.
You want both secured and unsecured data on your mission-critical business
machine. Most basic security models hold that one machine should not have
both secured and unsecured data, but of all machines, the AS/400 is pretty
good at allowing both. You have to do some upfront work, but it's not that
difficult. It's far preferable, in my opinion, to allowing unfettered
access. Opening up your machine in order to make your programming life
easier just isn't a very good business decision.
This mailing list archive is Copyright 1997-2019 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact