How would it supplement OS security?


I'm just suggesting that developers may supplement OS security by including
program logic which checks user authority to anything exposed by the
program (i.e. does a user have authority to approve a purchase order or
invoice?)

I'm suggesting that such logic can be part of a framework, so that it is
easy to implement.

If your server program is running as a named user, that will be the user
the OS uses for authorization regardless of the end-user (unless it does
user swapping like CGI).


We use a web portal which launches new IBM i JOBs when users click on menu
items. Those JOBs run under the IBM i user profile assigned to the users.
Each JOB handles requests pertaining to just that user. We don't "swap"
profiles like your CGI example.

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2022 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.