Date: | Wed, 11 Jun 1997 13:14:33 -0400 |
Content-Type: | text/plain |
Michael L Gueterman wrote:
> Well, if your programmers have AM capability in the same
> account as your proposed groups, then you're pretty much
> stuck. Anything you do via standard MPE security they'll
> be able to bypass. This would be true even with a "full blown
> change control package". I suggest that (although it may not
> make you the most popular person in the eyes of the programmers)
> you take a step back from the situation and review *why* the
> programmers need AM. Work on getting them what they need
> with minimal capabilities, and then remove AM from them.

I agree 100%.

> Then you can secure the groups in question from write access.

One "end-around" we use, without going outright to AM, is to give AL to
the programmers. Most of the groups where they need access have group
security set to (R,A,W,L,X,S:AL,GU) or suitable subset thereof, while
the really secure groups omit the AL access.

This works great for MPE. It gets weird with Posix, where "AL" has no
direct connotation.

Jeff Kell