Hi Michael The only thing I can think of is to restrict Access to Universe for this account, so that they cannot write, update or delete for this user group.
Create Subroutines that have this access writes to write & Delete by using the Authorization statement in the code, which allows you to give the subroutine higher privilages than the user has running it. (It has to be compiled by a user with those privilages, so an unauthorised programmer cannot tamper with the subroutines) By this method, The programmer should be able to read, select, retrieve and call subroutines, through UniOPbjects or ODBC, and can only carry out writes and delete through Subroutines. I think is the easiest way to force this type of integrity on older systems, without resorting to SQLising the files. Hope this helps Regards David Jordan Managing Consultant [EMAIL PROTECTED] Dacono Holdings Pty Ltd Business & Technology Consulting PO Box 909 Lane Cove NSW 2066 Australia Ph 61 2 9418 8329 Fax 61 2 9427 2371 www.dacono.com.au -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Michael McRae Sent: Friday, 26 March 2004 5:30 PM To: [EMAIL PROTECTED] Subject: Writing a "RPC Service" A customer has asked how he could implement some stringent security on the 'unirpc' services. In particular, he wants to only allow certain 'Requests' (like the 'Subroutine' method, etc.) from any users out there writing UniVerse Objects front-ends. To me, this means he wants unirpc to fire off uvserver when requested by UniObjects, but to have uvserver only forward on his allowed Methods (and no other). This would keep developers from writing code that could .Read, .Write, .Delete, etc, and force them to obey his security standards. 1) The first option I can think is to 'intercept' the uvserver executable. Has anyone any experience with writing their own Services for unirpc? 2) Next, how about distributing a cut-down version of the DLL (or is it OCX?) that his users will bind into their app? Hoping there's a chance... Michael McRae -- u2-users mailing list [EMAIL PROTECTED] http://www.oliver.com/mailman/listinfo/u2-users -- u2-users mailing list [EMAIL PROTECTED] http://www.oliver.com/mailman/listinfo/u2-users
