Would a trigger on the data file work? For non privlaged users modify the data to "<SECURED>" after a read then on write and update you could replenish the hidden data before actually doing the write. It would be quite a bit more programming work than just a simple permissions change but you could assign security and apply the trigger program without changing any of your current programming.
Just a thought for you to kick around and it should work in both Windows and Unix environments. You should be able to do this in all the U2 product line, too, I believe. BobW -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Craig Bennett Sent: Wednesday, November 28, 2007 5:07 PM To: [email protected] Subject: Re: [U2] Need to partially hide a file Augusto, when you say hidden, how hidden do you mean? >>> We need to hide some private data (customer personal data) in order to >>> fit with our Private Data Protection Law. >>> But only for some users, the others, they need to have full access. >>> Our app is complex enough to modify the source code. >>> I would consider using operating system permissions on the files to allow read (and write) access based on group. Only your privileged users go in the read/write group for the file. You will still need to modify your application (or your other users will get errors when they try to open these files) but doing it at the operating system level is a good failsafe design -- if your application incorrectly attempts to allow access to the file, the operating system will prevent this and cause an error in UV. This is a simple and easily auditable security model. You may still want to encrypt the files -- to prevent access outside of the application -- but that is a separate issue. Craig ------- u2-users mailing list [email protected] To unsubscribe please visit http://listserver.u2ug.org/ ------- u2-users mailing list [email protected] To unsubscribe please visit http://listserver.u2ug.org/
