This solution presupposes that only you know the PARM=-1 trick. From the
standpoint of security management this is no solution, i.e. it wouldn't pass
an audit. I personally like the idea of a users logging in with OP
capability but in a menu. This way you can password protect OPERATOR.SYS and
the users can still issue OP commands in a predefined environment.

-----Original Message-----
From: HP-3000 Systems Discussion [mailto:[log in to unmask]]On
Behalf Of Paveza, Gary
Sent: Wednesday, October 13, 1999 8:33 AM
To: [log in to unmask]
Subject: Re: Limiting Operator Access


Login as manager.sys with a parm=-1  That will bypass any UDCs.  Actually, I
believe that works for any user with SM capabilities.


-------------------------------
Gary L. Paveza, Jr.
Technical Support Specialist
All opinions are mine and not those of my employer


        -----Original Message-----
        From:   Black, Cory [SMTP:[log in to unmask]]
        Sent:   Tuesday, October 12, 1999 5:58 PM
        To:     [log in to unmask]
        Subject:        Re: Limiting Operator Access

        Tom Wrote:
        /snip/

        I know I could set up a system-wide udc command to dummy out the
        commands I want to limit access to.  It seems like there was then a
        simple way to get around this so I can have access but I don't
recall
        what it was.  Could someone please remind me?


        Check the $ALLOW command in Security 3000.

        Cory Black
        First Penn-Pacific Life