× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. December 2010

Re: Database security from PC applications.

You can also use exit point programs to restrict allowed SQL statements
from ODBC, JDBC, etc. which is better imo. That way it doesn't really
matter how their ODBC connection is setup you can prevent
INSERT/UPDATE/DELETE altogether.

Thanks,
Tommy Holden



From: "Carel Teijgeler" <coteijgeler@xxxxxxxxx>
To: midrange-l@xxxxxxxxxxxx
Date: 12/10/2010 09:50 AM
Subject: Re: Database security from PC applications.
Sent by: midrange-l-bounces@xxxxxxxxxxxx



Is this done through ODBC?

Because then I think you have set it up incorrectly. You can define ODBC
to
be Read Only.

With regards,
Carel Teijgeler

*********** REPLY SEPARATOR ***********

On 9-12-2010 at 14:46 Alan Campin wrote:

I have been recently tasked with looking into users making changes to our
AS/400 tables from PC applications and how to prevent this.

I seem to recall that there might have been some discussions of this in
the
past.

I know that the usual way to do something like this is to create all
database tables with a db owner and exclude *PUBLIC from any access. Then
when the user starts a program the system grants them access to the
application for the duration of the session and when the session ends the
authority is revoked.

The problem is that requires everything to be set up that way and major
application work which they are not willing to do given the AS/400 is
toast
in a year.

Any other ways people have accomplished this? I believe there is a
database
exit program. Any other ideas?

Thanks for any help.
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.



-----
Geen virus gevonden in dit bericht.
Gecontroleerd door AVG - www.avg.com
Versie: 10.0.1153 / Virusdatabase: 426/3305 - datum van uitgifte:
12/09/10



-----
Geen virus gevonden in dit bericht.
Gecontroleerd door AVG - www.avg.com
Versie: 10.0.1153 / Virusdatabase: 426/3305 - datum van uitgifte:
12/09/10




As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.