RE: [Hardhats-members] Device attributes

Wed, 30 Nov 2005 07:18:06 -0800 

<snip>
-----Original Message-----

[KSB] I know that the VA tends to have users access VistA with a common
userid.  However, systems are more easily secured (and audited) when
users have and use their own userids.  I don't know about configurations
for VistA on other MUMPSen, but for VistA on GT.M, I recommend that each
user have his/her own user id, and run VistA with that userid.

I do however configure VistA so that each instance of VistA has its own
UNIX group.  So, for example, if the Azkaban Infirmary and St. Mungo's
Hospital are two separate implementations of VistA that happen to share
a server at an ASP, then I would set up groups azkaban and stmungos, and
group access permissions would be used to ensure that care givers at one
institution can't access the VistA instance of the other.  This
constraint of course does not arise inside the VA.

-- Bhaskar

[Schlehuber, Cameron] Actually, there are circumstances in VA where users do
need to have their own OS userid for the precise reasons you state.  For
example, developers and verifiers may have their own accounts that have
users with programmer mode access who should never cross into each others'
accounts.  Likewise, there are systems for production use in VA that have
separate implementations of VistA for different organizational entities that
do not access each others' instances.



-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_idv37&alloc_id865&op=click
_______________________________________________
Hardhats-members mailing list
Hardhats-members@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/hardhats-members

Reply via email to