From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of K.S. Bhaskar Sent: Monday, November 28, 2005 12:02 PM To: hardhats-members@lists.sourceforge.net Subject: Re: [Hardhats-members] Device attributes
On Mon, 2005-11-28 at 10:44 -0800, Greg Woodhouse wrote: <snip> > That being said, I think you are right that it would be preferable from > a security point of view to use OS level security and auditing, but > VistA wasn't designed this way, and it's not trivial to retrofit this > model onto VistA. Perhaps I've misunderstood, but I do not see how your > model can work. [KSB] Let me turn this around because you know more about VistA than I do. What do you see as not working if each user has his/her own UNIX userid? [Note that there may still be a user vista under which a nightly backup is launched under cron, or which owns processes that serve CPRS GUI clients that connect at a TCP port, etc. But regular users who login to the system would not use vista.] [Cameron Schlehuber] VistA doesn't prevent what you're describing. At the SLC Office of Information field office, each developer has their own userid to the VMS system. Most have a menu at the OS level that gives them choices of what account they wish to drop into. Some take them directly to the VistA login, others drop them directly to programmer mode. By the same token a production user could have the OS take them directly to the VistA login. Since most users wouldn't like to have to know two different userids and passwords, one pair for the OS userid and another pair for VistA, one could set up the shell to pass in to VistA the user's unique ID and skip the VistA access/verify challenge and go right to their assigned menu (along with setting up the error trap, etc.) ------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_idv37&alloc_id865&op=click _______________________________________________ Hardhats-members mailing list Hardhats-members@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/hardhats-members