Hi Jerry
its been awhile since I had to deal with security and access, but heres my
2 cents
If you no one to be able to change/modify/add/delete from these files, then
users (or group profiles) need *USE. However the users with *allobj will
get past this with no problems.
Any user that has *USE access to these files and attempts to use an
existing program that opens one of these files with update, that program
will error out with invalid authority.
If any of these programs have adopted authority, bang goes you security.
In other words, this is NOT easy.
One thing that does come to mind is that this PURGE library is restored
from a master copy every night. Is that idea pretty? Not really, because as
soon as any data is changed, the results from ANY of the programs become
suspect.



Alan Shore

NBTY, Inc
(631) 244-2000 ext. 5019
AShore@xxxxxxxx
"If you're going through Hell, keep going" - Winston Churchill

midrange-l-bounces@xxxxxxxxxxxx wrote on 09/18/2007 03:19:48 PM:

Not sure if the title is 'correct' for this discussion but here is what I

need to analyze:

We want to purge some rather large files by moving (identified) records
into an image of the files that will reside in a different (Purge)
library. The Purge library will contain only physical files and all
related LF's and SQL indexes.

Since users will need to be able to access the data in the Purge library,

I need to ensure they cannot update it since it is now 'historical'.

I'd prefer that the users be able to use the same programs to access the
production and purged data. An option from their initial menu will allow
them to add/remove the Purge library to/from the top of their library
list.

The question is this: Is it practical/possible to just change the object
authority of all of the objects in the Purge library to read only? Will
this prevent unwanted updates to the historical data - even though the
existing/unmodified programs (used for production data) may attempt to
maintain the data? Would SQL updates (with *commit = NO) be able to
update
the 'read only' data in the Purge library?

Any gotcha's? Suggestions?

Thanks!

Regards, Jerry

Gerald Kern - MIS Project Leader
Lotus Notes/Domino Administrator
IBM Certified RPG IV Developer
The Toledo Clinic, Inc.
4235 Secor Road
Toledo, OH 43623-4299
Phone 419-479-5535
gkern@xxxxxxxxxxxxxxxx


This e-mail message, including any attachments, is for the sole use of
the
intended recipient(s) and may contain confidential and privileged
information. Any unauthorized use, disclosure or distribution is
prohibited. If you are not the intended recipient, please inform the
sender by reply e-mail and destroy this and all copies of this message.
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.