Ted

        The suggestion of UDCs is a great idea, but several people have pointed
out that these can be bypassed by programmatic execution from the EDITOR and
other subsystems. HP sells a product called Security Monitor which among other
things allows for the selective disabling of programmatic execution of commands
as well a the logging of the commands. This combined with the UDCs should
provide ample security.

        Yes, Security Monitor is available for MPE / iX, we were using it on 5.0
and 5.5.

Bob Schlosser
(407) 727-5893

        -----Original Message-----
        From:   Ted Johnson [SMTP:[log in to unmask]]
        Sent:   Thursday, September 02, 1999 12:30
        To:     [log in to unmask]
        Subject:        Limiting ALTACCT/NEWACCT

        Is there a way to keep people who have sysyem manager access from using
        certain commands such as ALTACCT, NEWACCT, ALTGROUP and NEWGROUP.

        TIA,

        Ted
        --
        *************************************************
        Ted Johnson                     [log in to unmask]
        Information Systems
        Wake Forest University          336-758-4374
        Winston-Salem, NC 27109         336-758-7127 FAX

        "It seems to me the practical joke has become a
        dormant form of humor.  The White House tried to
        revive it in 1972, and some of their jokes were
        pretty clever.  But a joke can't really be called
        practical if it gets you two years in jail".
                                -- Mike Royko