On Mon, 2005-11-28 at 11:07 -0600, Greg Woodhouse wrote: [KSB] <...snip...>
> That being said, a warning is in order: It is not normal for users to > run VistA under their own uid. Yes, we all sign in at the OS level > using our own user names and then jumpt into Cache or GTM, but you > don't want to do this in a production environment. Instead, there > will > be a vista user that people use to sign in. This has consequences for > working with host files. If the uid of the running process is vista, > and you create a file, who do you suppose will be the owner of the > file? If you need to create files under your own uid, a more > complicated solution is needed. [KSB] I know that the VA tends to have users access VistA with a common userid. However, systems are more easily secured (and audited) when users have and use their own userids. I don't know about configurations for VistA on other MUMPSen, but for VistA on GT.M, I recommend that each user have his/her own user id, and run VistA with that userid. I do however configure VistA so that each instance of VistA has its own UNIX group. So, for example, if the Azkaban Infirmary and St. Mungo's Hospital are two separate implementations of VistA that happen to share a server at an ASP, then I would set up groups azkaban and stmungos, and group access permissions would be used to ensure that care givers at one institution can't access the VistA instance of the other. This constraint of course does not arise inside the VA. -- Bhaskar ------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click _______________________________________________ Hardhats-members mailing list Hardhats-members@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/hardhats-members
