LISTSERV - HP3000-L Archives

HP3000-L Archives

January 2001, Week 4

HP3000-L@RAVEN.UTC.EDU

	LISTSERV Archives
	HP3000-L Home
	HP3000-L January 2001, Week 4

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Image DB Security Question
From:	Robert Mills <[log in to unmask]>
Reply To:	Robert Mills <[log in to unmask]>
Date:	Mon, 22 Jan 2001 15:54:32 -0000
Content-Type:	text/plain
Parts/Attachments:	text/plain (83 lines)

Steve,

Just a few questions:

1) Do you have one of the following tools: Adager/DBGeneral/FlexiBase?
2) Would the supplier allow you to add another user class and password to
the database?

If the answer to both of the above is YES then:

1) Add another user class to either the read or the read/write lists for the
dataset you need access to. Don't forget to update the read/write lists on
any other affected dataset.
2) Add a password for that user class.

regards,
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Robert W.Mills (Systems Development Manager) |
|Windsong Services, St. Mary Cray, ENGLAND    |
|Tel  : +44 (0)1689 870622 x3005              |
|Fax  : +44 (0)1689 899026                    |
|Email: [log in to unmask]  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

-----Original Message-----
From: Carl McNamee [mailto:[log in to unmask]]
Sent: Monday, January 22, 2001 2:59 PM
To: [log in to unmask]
Subject: Re: Image DB Security Question


I would use an ACL which is much more restrictive and security conscious.
It will allow you to list the users allowed to access the file instead of
just releasing it to everyone.

If you only need to release one dataset I believe that you can just put the
ACL on the root file and the dataset file in question.  You could also just
release these two files if security is not a problem.  Also, if you have any
third party indexes for the dataset you should use an ACL or release them as
well.

Please, someone correct me if I'm wrong!

Carl McNamee
Systems Administrator
Billing Concepts
(210) 949-7282



-----Original Message-----
From: Steve Patterson [mailto:[log in to unmask]]
Sent: Monday, January 22, 2001 7:00 AM
To: [log in to unmask]
Subject: Re: [HP3000-L] Image DB Security Question


Thanks for all the replies, it would seem I may have been somewhat vague in
stating the need for releasing an individual dataset.

We have our fiinancials running using a third party product, with the entire
db housing the transactions, account definitions, etc., and as a result we
cannot modify the structure of the database in any way.  We have two main
production accounts, and in some cases our Powerhouse apps in one account
need to reference the chart of accounts dataset residing in the other
account, for data-entry validation.  To do this, we RELEASE the entire
financial db, but the auditors are concerned that we are making the whole db
accessible from any account.

Logic does *not* prevail when dealing with auditors.

It seems that the short answer is "no, you cannot release an individual
dataset", short of purchasing a product like MPEX (which isn't in the cards
right now).  I suppose we can make a flat file copy of the dataset(s) in
question, but I was hoping there was some other undocumented feature or
trick that we could use.

Thanks again for all the info.

Steve Patterson
Halifax Port Authority
www.portofhalifax.ca

ATOM RSS1 RSS2

RAVEN.UTC.EDU