× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. August 2018

Re: Another FieldProc question

Yup - which is why we said we thought that they should have done something to better protect against accidental damage.

My preference - after further thought - is that perhaps the field should be automatically protected against update by native methods. Similar in a way to the "invisible" variable length fields that we originally had until RPG could handle them properly.

I don't think you should have to rely on someone remembering to set a check constraint on the field if RCAC is applied to a file. Perhaps, again for native access, it should prohibit update _unless_ there is such a check in place.

Dunno - but it struck me at the time, and I still feel, that the feature was not thought through thoroughly enough.


Jon Paris

www.partner400.com
www.SystemiDeveloper.com

On Aug 30, 2018, at 3:46 PM, Rob Berendt <rob@xxxxxxxxx> wrote:

Wow did I initially read the redbook wrong. I read your blog and my
initial impression was that y'all were way off base. However I find it
tough to think Kent Milligan is due for a whiz quiz so I reread the
redbook.
<snip>
5.3 Accidental updates with masked values
The masked values that are returned by a column mask can potentially cause
the original
data value to be accidentally overwritten, especially with applications
using native record-level
access.
For example, consider a table containing three columns of first name, last
name, and tax ID
that is read by an RPG program. The user running the program is not
authorized to see the
tax ID value, so a masked value (*****3333) is written into the program's
record buffer, as
shown Figure 5-1.
In this example, the application reads the data for an update to correct
the misspelling of the
last name. The last name value is changed to Smith in the buffer. Now, a
WRITE request is
issued by the program, which uses the contents of the record buffer to
update the row in the
underlying DB2 table. Unfortunately, the record buffer still contains a
masked value for the tax
ID, so the tax ID value in the table is accidentally set to the masked
value.
<image></image>
Obviously, careful planning and testing should be exercised to avoid
accidental updates with
masked values.
DB2 for i also enhanced its check constraint support in the IBM i 7.2
release with a new ON
UPDATE clause that allows the existing value to be preserved when a masked
value is detected
by a check constraint. Details about how to employ this new check
constraint support can be
found in 6.8.1, “Check constraint solution” on page 108.
</snip>

So basically Kent was right and the check constraint should stop the
errant update. What it doesn't stop is the intentional hack. For
example, if you read the column and RCAC masks it as *****1234 and you do
an update and have the check constraint "on update violation" set that if
the string begins with "*****" to ignore the update of that column you're
all good. But if someone reads *****1234 and sets it to 123456789 it will
write out the whole 123456789.

Section 3.5 and section 5.3 seem to totally conflict.
https://www.redbooks.ibm.com/redpapers/pdfs/redp5110.pdf


Rob Berendt
--
IBM Certified System Administrator - IBM i 6.1
Group Dekko
Dept 1600
Mail to: 2505 Dekko Drive
Garrett, IN 46738
Ship to: Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com





From: "Jon Paris" <jon.paris@xxxxxxxxxxxxxx>
To: "Midrange-L Midrange-l" <midrange-l@xxxxxxxxxxxx>
Date: 08/30/2018 03:24 PM
Subject: Re: Another FieldProc question
Sent by: "MIDRANGE-L" <midrange-l-bounces@xxxxxxxxxxxx>



We blogged about this some time back when we became concerned at the
somewhat cavalier approach some people were taking in applying this
capability to tables that were also handled by native RPG.

Here's the blog post
http://ibmsystemsmag.com/blogs/idevelop/archive/rcac-two-steps-forward-one-back/
<
http://ibmsystemsmag.com/blogs/idevelop/archive/rcac-two-steps-forward-one-back/
if you read the comments you'll see Kent Milligan's take on it.

Our advice remains to be very very careful in applying this to existing
applications.


Jon Paris

www.partner400.com
www.SystemiDeveloper.com

On Aug 30, 2018, at 3:00 PM, James H. H. Lampert
<jamesl@xxxxxxxxxxxxxxxxx> wrote:

On 8/30/18, 11:50 AM, Rob Berendt wrote:
I think Buck is right on with his suggestion to supply feed back at the
end of his long reply.
JSMITH reads the row using an RPG read.
The value of SSN is shown to him as *****1234.
The program does: ssn='123456789' then an RPG update. Does it accept
that and store the encrypted value of '123456789' or what? Like, "so
I
can't read it, can I set the value instead"?

Mr. Berendt guessed right. The circumstances in question are indeed
strictly native Record Level Access. What happens if the record is updated
by somebody who sees a redacted value, both with and without attempting to
change the value?

Thanks, Rob, for saving me the trouble of clarifying the circumstances.

--
JHHL
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxx for any subscription related
questions.

Help support midrange.com by shopping at amazon.com with our affiliate
link: http://amzn.to/2dEadiD

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxx for any subscription related
questions.

Help support midrange.com by shopping at amazon.com with our affiliate
link: http://amzn.to/2dEadiD



--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxx for any subscription related questions.

Help support midrange.com by shopping at amazon.com with our affiliate link: http://amzn.to/2dEadiD


As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.