JayJay It misses the point.
I'm not talking about hackers from outside, I'm talking about valid, legitimate users with update access to the database because they have access to the relevant application but within that application are constrained by menus and application programs. If I load UniObjects onto their PC in order to provide downloads to Excel then if (big if, I know) they understand UniObjects and U2 they can then fire up Excel, add the UO reference and do pretty much what they like with VBA and U2 commands using their normal telnet login id and the direct path to the database instead of the nice secure account I've just set up specifically for UO. UO bypasses anything in the login para in the "main" account OK, I accept that this would be inappropriate behaviour, disciplinary offence etc but I prefer to keep the door to the computer room locked, instead of swinging wide open with a sign telling people not to go in. Piers -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of John Jenkins Sent: 31 May 2005 23:42 To: [email protected] Subject: RE: [U2] Uniobjects hack So what does this combination miss? ------- u2-users mailing list [email protected] To unsubscribe please visit http://listserver.u2ug.org/
