× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. SECURITY400
  3. August 2001

RE: Authority annoyances, continued...

Hmm.. yes, good ol' ODBC, Client Access and Ops Nav.  Those things have been a 
thorn in my side as far as security is concerned.  On
my old system I got around it simply not using Client Access, we didn't even 
have it licensed.  We used Mochasoft for 5250 screen
emulation.  But, of course, that wasn't to last.  My last company merged with 
another company that used Client Access as the
standard, so it wound up getting installed on my system too.

You have exit programs you can write, if you have the time to find out how to 
write them, and then actually write them. You wind up
plugging the huge hole IBM opened up.  Instead of being able to secure it and 
open up the holes you  secure yourself.

I would of much preferred Client Access to have additional security, not less.  
Especially since most systems at the time had
security implemented on the program/menu level, not the file level (hey, if you 
don't have access to the program, you don't have
access to the file, right?)  So of course Client Access blew a huge hole in 
that theory.

I think security officers have been playing catch up ever since.

Regards,

Jim Langston
Programmer/Analyst
Cels Enterprises, Inc.

It is said: In English two negatives make a positive.  In Russian two negatives 
make a negative.  But in no language do two
positives make a negative.
Yeah, right.

-----Original Message-----
From: security400-admin@midrange.com
[mailto:security400-admin@midrange.com]On Behalf Of Anton Gombkötö
Sent: Tuesday, August 21, 2001 2:12 PM
To: security400@midrange.com
Subject: RE: [Security400] Authority annoyances, continued...


--
[ Picked text/plain from multipart/alternative ]
At 17:10 21.08.01 -0400, you wrote:
> >I had changed UPDDTA to PUBLIC *EXCLUDE.
> >It's just way too dangerous.
>
>Jim,
>   The PC people can get at that file (for update) via ODBC and Access.
>   This may well spawn an interesting thread on how to Really secure a file
>in the age of ODBC/JDBC.

Right, Buck,
forgot that, and Ops Nav has a GUI UPDDTA! (They could even change the file
layout... *gulp!*)



Mit freundlichen Grüssen / best regards

Anton Gombkötö

Avenum Technologie GmbH
Wien - Mattsee - Stuttgart
e-mail Office   :       mailto:Anton.Gombkoetoe@avenum.com
Homepage        :       http://www.avenum.com

Lest das Redbook / read the redbook "Who knew you could do that with RPG?":
http://www.redbooks.ibm.com/abstracts/sg245402.html
--

_______________________________________________
This is the Security Administration on the AS400 / iSeries (Security400) 
mailing list
To post a message email: Security400@midrange.com
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/cgi-bin/listinfo/security400
or email: Security400-request@midrange.com

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.