----- Original Message -----
From: Jim Langston <jlangston@celsinc.com>
To: <security400@midrange.com>
Sent: Tuesday, August 21, 2001 1:52 PM
Subject: RE: [Security400] Authority annoyances, continued...


I had changed UPDDTA to PUBLIC *EXCLUDE.  It's just way too dangerous.
There was one user for one small file that he maintained that he had
to
occasionally do an UPDDTA on, and I changed the authority to the
command to
allow him *USE authority.

I think that the UPDDTA example is just that - and example.  Their are
dozens of other ways to hammer data into a file.  The idea is to
restrict the user's direct authority to data.  Security, by nature is
transaction based, not object based.  Using and adopted authority
scheme helps enforce that.

jte

--
John Earl - VP & CTO
The Powertech Group
253-872-7788
johnearl@powertechgroup.com
www.powertechgroup.com



As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2022 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.