Hi Martin In the U2UG article it explains the process. Using SQL Schema you can set public access rights to prevent anyone reading, writing and deleting files. You can then create a new user call APPLICATION and give it access rights.
In the BASIC Subroutine you can use the AUTHORIZE statement to give the subroutine the access rights of "APPLICATION". Thus from a VB application I can call this subroutine to update the file, even though my username does not have the access rights. However using the same login name, if I used UniObjects through excel, I would not be able to view, read or update the file. Regards, David Jordan -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Martin Phillips Sent: Saturday, 28 May 2005 7:18 AM To: u2-users@listserver.u2ug.org Subject: Re: [U2] Uniobjects hack > UniData *has* a UOlogin functionality which will allow you to vett > the user and decide if they can connect as a UO connection. You could > build most of what you want in there. We haven't tested it on UniVerse, > but I have the PE and UO set up, so if no one gets to it by Monday, I'll > test it and let everyone know. These are all great ideas but they still do not address the fundamental problem.... A user who can validly make a connection to use an application can write his own client program to subvert the system. None of the proposed solutions solve this. As far as we can see, it requires a change to the server side of Uniobjects (hence the solution to the equivalent functions in our product). Martin Phillips Ladybridge Systems 17b Coldstream Lane, Hardingstone, Northampton NN4 6DB +44-(0)1604-709200 ------- u2-users mailing list u2-users@listserver.u2ug.org To unsubscribe please visit http://listserver.u2ug.org/ ------- u2-users mailing list u2-users@listserver.u2ug.org To unsubscribe please visit http://listserver.u2ug.org/
