LISTSERV - HP3000-L Archives

HP3000-L Archives

June 1997, Week 1

HP3000-L@RAVEN.UTC.EDU

	LISTSERV Archives
	HP3000-L Home
	HP3000-L June 1997, Week 1

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Restricting access to a group
From:	Michael L Gueterman <[log in to unmask]>
Reply To:	Michael L Gueterman <[log in to unmask]>
Date:	Wed, 4 Jun 1997 20:27:25 -0700
Content-Type:	text/plain
Parts/Attachments:	text/plain (25 lines)

Greg,

  Well,  if your programmers have AM capability in the same
account as your proposed groups, then you're pretty much
stuck.  Anything you do via standard MPE security they'll
be able to bypass.  This would be true even with a "full blown
change control package".  I suggest that (although it may not
make you the most popular person in the eyes of the programmers)
you take a step back from the situation and review *why* the
programmers need AM.  Work on getting them what they need
with minimal capabilities, and then remove AM from them.
Then you can secure the groups in question from write access.
You'll still need a method of checking files into and out of the
groups, but that can be handled via remote loopback sessions
or batch jobs loging onto a user that *does* have AM there.

Regards,
Michael (been there, done that, got the scars to prove it :) Gueterman
Easy Does It Technologies
email: [log in to unmask]
http://www.editcorp.com
voice: (888) 858-EDIT -or- (509) 943-5108
fax:   (509) 946-1170
--

ATOM RSS1 RSS2

RAVEN.UTC.EDU