> From: email@example.com > > That seems to be the solution for many people. People are tired > of dealing > with the security of the 400 so they have the 400 duplicate all data to an > intermediate box and then handle it from there. "Tired of dealing with the security of the 400"? You're the first person I've ever heard say that. I know people who can't be bothered with security because it takes some effort to do correctly, but most people who value data security appreciate the 400's built-in security model. "Duplicate all data"? A bit of hyperbole. I only suggested mirroring the data that you wish to allow unsecured access to. This is hardly "all data". I doubt sincerely that you want anonymous access to your general ledger. And if you allow unmonitored anonymous FTP or RUNRMTCMD to a machine where general ledger information is stored, and you haven't implemented a proper security model, then you have done just that. You might as post the information directly to the web. You want both secured and unsecured data on your mission-critical business machine. Most basic security models hold that one machine should not have both secured and unsecured data, but of all machines, the AS/400 is pretty good at allowing both. You have to do some upfront work, but it's not that difficult. It's far preferable, in my opinion, to allowing unfettered access. Opening up your machine in order to make your programming life easier just isn't a very good business decision. Joe
As an Amazon Associate we earn from qualifying purchases.
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.