You might want to look at the article in the U2UG newsletter on security.
http://u2ug.org/docs/20040919_U2UG_Newsletter.pdf that deals with this
issue.
With Universe a program can have higher access rights than the user. If a
user gets to tcl they may not have access rights to update, enquire
At 22:08 -0700 2005/05/26, Tony Gravagno wrote:
The long link was broken by email word wrapping.
Most e-mail servers and clients don't break lines wrapped in 's. Try:
http://www.crn.com/sections/breakingnews/breakingnews.jhtml?articleId=163701126
Ray
--
Phil Walker wrote on Fri, 27 May 2005 9:54:17 +1200
3. IBM, why would the flavour of an account effect the use
of a client tool such as U2 XML/DB Tool? Is this a design
oversight? - or was it assumed that users would change the
account flavour, ...
This is not the only tool that requires a
How about using file level security, and common area in your
subroutines.
Marc Harbeson
ERP/Systems Administrator
Brinly Hardy Company
O - (812) 218-7206
F - (812) 218-6084
[EMAIL PROTECTED]
www.brinly.com
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf
From the same Robin Williams blurb...
I changed the CHOO-CHOO command on our old Reality spirit system
to say Reality..What a concept!
The Choo-Choo command in reality would print out an ASCII picture
of a steam engine train.
George
-Original Message-
From: [EMAIL PROTECTED]
The ability to bypass application security using UniObjects has really got
me thinking. In the absence of any suitable remedies and perhaps as a
stop gap solution whilst a better solution is written, I would recommend
the following:
1. As Martin said, make sure that you do not let UniObjects
How about using file level security, and common area in your
subroutines.
The problem remains that a user who can validly use the application must
have access to these files and hence can open them and tinker in his own VB
program. It all comes down to the fact that UV/Udt cannot tell the
The same issue applies for SQL access to UniVerse as it does for UniObjects.
It is a problem for RDBMS. They get around by restricting access and only
allowing updates through Stored Procedures which can have a different access
level. UniVerse can do the same thing.
Regards
David Jordan
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of
[EMAIL PROTECTED]
Sent: Friday, May 27, 2005 10:56 AM
To: u2-users@listserver.u2ug.org
Subject: Re: [U2] Uniobjects hack
The ability to bypass application security using UniObjects has really got
me
Does this mean that I should change my udtconfig parameter to 10485760 * 4
and performance may increase? - Rod
$UDTBIN/ipcstat -mb | grep sbcs
m 8107 0 --rw-r--r-- rootother 10485760 - sbcs
R6.0
m 37971309 0 --rw-r--r-- rootother 10485760 -
We are trying to get UV Objects to tell us when a user's password has
expired. There is an error (# 80019) that seems like it should work, but in
testing I get no error back using a login with an expired password. I need
to know if anyone else has run into this issue and has found a way to make
UV
In message
[EMAIL PROTECTED],
HENDERSON MIKE, MR [EMAIL PROTECTED] writes
Things will get better?
No, things will get much, MUCH worse!
When someone finds out my password, then to repair the security breach,
I have to change my password.
When someone finds out the magic number which is the
My comments (below) are AIX-32bit specific.
If Rod is still running on Solaris, there is no need to change.
Wally
Does this mean that I should change my udtconfig parameter to 10485760 * 4
and performance may increase? - Rod
$UDTBIN/ipcstat -mb | grep sbcs
m 8107 0 --rw-r--r--
Richard:
Am I accurate in thinking Pick __USED__ to have file level security but it
doesn't exist in the U2 products because, it was always said, the O/S takes
care of security (aka: we don't need no stinkin file level security)!
Perhaps, having dbms security isn't such a bad idea after all. :-)
All,
The BetterBetter committee (got an idea for an improvement or fix?
email [EMAIL PROTECTED]) has been listening in and kicking this
around. Here's what we've come up with so far:
UniData *has* a UOlogin functionality which will allow you to vett
the user and decide if they can
Actually, when you convert an account to a schema you can use SQL security
to do this. This is what I am referring to. You need to setup SQL users
in your schema (same login used to get into UV) or set privileges for
PUBLIC. If the user exists in the Schema user table then those
permissions are
What We Do:
Mothers Work, Inc. is the world's leading designer, manufacturer and retailer
of maternity fashions in the U.S., with over 1,100 locations in the United
States, Canada, and Puerto Rico - including leading brands A Pea in the Pod,
Mimi Maternity and Motherhood Maternity and five
UniData *has* a UOlogin functionality which will allow you to vett
the user and decide if they can connect as a UO connection. You could
build most of what you want in there. We haven't tested it on UniVerse,
but I have the PE and UO set up, so if no one gets to it by Monday, I'll
test it
Where exactly would this job be located?
Gordon J. Glorfield
Sr. Applications Developer
MAMSI (A UnitedHealth Company)
301-360-8839
[EMAIL PROTECTED] wrote on 05/27/2005 04:59:37 PM:
What We Do:
Mothers Work, Inc. is the world's leading designer, manufacturer and
retailer of maternity
Martin,
Not true. Using UOlogin, I could run a filter and only allow a
subset of the valid user list access. That would stop people from using
telnet ids as UO ids. If you expand this to lock out some accounts to
ALL UO logins, you can draw a box around the UO user.
Now, if you said
Gordon,
According to their website, Philly.
http://hotjobs.yahoo.com/jobs/PA/Philadelphia/Technology/J775698EE;_ylt=AgsQW5yT4g3kp28AsfDfp2mxQ6IX
- Chuck
Gordon J Glorfield wrote:
Where exactly would this job be located?
---
u2-users mailing list
u2-users@listserver.u2ug.org
To
I have looked at all of the documentation that I have and can't find ANY
reference to UOLOGIN, UOlogin, ... Is this documented anywhere?
I tried to create a simple PROC (UniData 6.1PE) and it doesn't execute on
login. The interesting thing is that if I create and direct catalog a
program
Chuck,
Thanks!
Regards,
Jim
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Key Ally
Sent: Friday, May 27, 2005 7:08 PM
To: u2-users@listserver.u2ug.org
Subject: Re: [U2] Uniobjects hack
James,
Here's a link on the IBM site.
And the good reason why IBM restricts access to this information so only
VARs and End-Users with direct support contracts can see it is?
Why is this not in a publicly accessible piece of documentation?
The number of times I have tried to register for an IBM techconnect ID and
been refused
When doing a recent analysis of their accounts, one of my clients still had
the original GAMES account still spinning on their system.
Wumpus anyone?
- Original Message -
From: George Gallen [EMAIL PROTECTED]
To: u2-users@listserver.u2ug.org
Sent: Friday, May 27, 2005 9:23 AM
Subject:
I agree with you. I am a end-user and we do not have access to IBM'S secure
technical notes.
I understand that my company may be allowed to purchase software support to
allow us to see these restricted documents.
Ken Wallis [EMAIL PROTECTED] wrote:
And the good reason why IBM restricts access
26 matches
Mail list logo