LISTSERV - HP3000-L Archives

HP3000-L Archives

June 2001, Week 3

HP3000-L@RAVEN.UTC.EDU

	LISTSERV Archives
	HP3000-L Home
	HP3000-L June 2001, Week 3

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: MPE Security question
From:	Gavin Scott <[log in to unmask]>
Reply To:	Gavin Scott <[log in to unmask]>
Date:	Mon, 18 Jun 2001 12:51:47 -0700
Content-Type:	text/plain
Parts/Attachments:	text/plain (24 lines)

Bob writes:
> This is not the case. I've created a user without LG that can successfully
> open and modify data in a database with Logging enabled.
>
> I'm sure I've done this in the past. What's going on.?

I seem to recall it being argued whether the requirement for LG was a good
thing or a bad thing, with a number of people being unhappy about the need
to give every Image user LG capability since the users aren't using the
logging facility directly but Image is using it on their behalf and so it
really should be Image that "has LG" logically speaking.

Thus it's possible that Image got "enhanced" recently to remove the LG
requirement from the users.

I suspect that it didn't occur to anyone that it might be possible to make
use of this requirement as a security feature, or that someone might
actually be doing this.

G.

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *

ATOM RSS1 RSS2

RAVEN.UTC.EDU