[Hardhats-members] VistA users each with their own userid. Was: Device attributes

Thu, 01 Dec 2005 15:06:07 -0800 

From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of K.S.
Bhaskar
Sent: Monday, November 28, 2005 12:02 PM
To: hardhats-members@lists.sourceforge.net
Subject: Re: [Hardhats-members] Device attributes

On Mon, 2005-11-28 at 10:44 -0800, Greg Woodhouse wrote:
<snip>
> That being said, I think you are right that it would be preferable from
> a security point of view to use OS level security and auditing, but
> VistA wasn't designed this way, and it's not trivial to retrofit this
> model onto VistA. Perhaps I've misunderstood, but I do not see how your
> model can work.

[KSB] Let me turn this around because you know more about VistA than I
do.  What do you see as not working if each user has his/her own UNIX
userid?  [Note that there may still be a user vista under which a
nightly backup is launched under cron, or which owns processes that
serve CPRS GUI clients that connect at a TCP port, etc.  But regular
users who login to the system would not use vista.]

[Cameron Schlehuber] VistA doesn't prevent what you're describing.  At the
SLC Office of Information field office, each developer has their own userid
to the VMS system.  Most have a menu at the OS level that gives them choices
of what account they wish to drop into.  Some take them directly to the
VistA login, others drop them directly to programmer mode.  By the same
token a production user could have the OS take them directly to the VistA
login.  Since most users wouldn't like to have to know two different userids
and passwords, one pair for the OS userid and another pair for VistA, one
could set up the shell to pass in to VistA the user's unique ID and skip the
VistA access/verify challenge and go right to their assigned menu (along
with setting up the error trap, etc.)



-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_idv37&alloc_id865&op=click
_______________________________________________
Hardhats-members mailing list
Hardhats-members@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/hardhats-members

Reply via email to