Ben,
That is a great idea, but I went and typed show escape... it is off.I will check the code and see if somewhere it gets turned on. I will suggest keeping that 'crucial' data in another database.... trouble is, two forms in this database look for info from that one.... so more crap to set up.... arghh.. If only I was allowed more than a few minutes a day to program this would be much easier.
Dan
At 11:54 AM 6/10/2003 -0700, you wrote:
Dan,
I know this is just a baby step towards where you're headed... but if you "set
escape off" the users can't escape to the R> (at least that _used_ to be true,
haven't used it in a long time). From there Dennis' suggestion of putting that
one very sensitive table in a separate DB would probably make your life a lot
easier.
Ben Petersen
On 10 Jun 2003, at 9:58, Dan Champion wrote:
>
> Dennis,
> The owner is MikeV, but it is pasworded as well. You cannot set user
> MikeV without an error message that prompts for a password. Without the
> password you have 0 access to the database. NO tables accessible. I will
> have to do as Razzak suggested and connect as the owner with password and
> unload all, edit the unload to remove the owner and reload.
> As far as security goes, I already had my own login/password in my
> codes, so each user here had a different security level. Before any code is
> allowed to run, the usersecurity must match... however that is only when the
> code is run... some users are smart enough to hit escape during the start
> process and get access to the tables from the R< This is where the boss wants
> to have the tables locked from all of us (including me the developer...what a
> hassle)
>
>
>
> Along those lines... when I get things more figured out later (he still wants
> to protect one table in the database from anyone except him to see) Is there
> an easier way to grant access to all tables, then just revoke access to that
> table? I had to write a program that
>
> granted all privileges for (tablename) to (userlist)
>
> one line for each tablename. Is there an easier way... we have 70 tables
> in the database.
>
> I have read all the help files, and a few of the old books, but found no
> shortcut.
>
>
>
>
>
> At 06:18 AM 6/10/2003 -0700, you wrote:
>
> >Dan,
> >
> >If you know the owner name you can do whatever you want.
> >
> >
> >The key is knowing how the NAME and USER settings work.
> > > >Think of USER as "USER PASSWORD" > >NAME is only an identifier, it does not affect access to tables. > > > >If the DB owner is GEORGE, at the r> you type SET USER GEORGE. You > >will have total access to the database. When yo are done, SET USER > >NONE to return to normal. > > > >NONE and PUBLIC are pretty well synonomous. Granting rigths to PUBLIC > >will let anyone use that right. Granting rights to any other password > >will only allow access to those rights when the USER is set to that > >password. If the USER is set to the owner password, all access is > >allowed. > > > >I have a client that insisted on setting up this kind of security. In > >the login to the application, each user enters their ID and a USER name > >is retrieved from a table and set. It is saved in a variable. Then, > >when my code needs to do something only allowed to the owner, I change > >USER to the owner, process, and then SET USER &vUserName and all is > >back to normal. > > > >If one really wanted to make this more secure, all code that does this > >could be codelock so noone could find out the owner password. > > > >Having security on a database really adds a great deal of complication > >to the whole app. But, if the boss is paranoid (rightfully so > >sometimes), one must go there. > > > >Dennis McGrath > > > > > > > > > > > >--- Dan <[EMAIL PROTECTED]> wrote: > > > > > > Ok, > > > So, If I read this right.... A. = I am right... only the owner can > > > do the > > > unload/reload which he doesn't want to do. > > > and B... sure don't understand B... use the grant option to take > > > care of > > > EVERYTHING? > > > The question was, how do I UNDO giving the onwer total control. He > > > wants > > > to lock us all out of one table, but thinks things can continue as > > > normal. > > > They can't... now he hea to do my job and maintain the database > > > (according > > > to example A) and B does not give ME control of the database. I am > > > really more confused than I was to begin wtih. I think assigning the > > > owner > > > of our company. OWNERship of the database was a mistake. I should > > > have > > > left it PUBLIC so I can still maintain the data. > > > > > > How do I undo giving him ownership... I tried setting the owner as > > > public > > > but get an error message about SQL not working if I do. > > > > > > (please forgive any misspellings, I had an accident with my eyest > > > today and > > > can't see what I am typing) > > > > > > Dan > > > At 12:15 PM 6/9/2003 -0400, you wrote: > > > > > > > >At 12:06 PM 6/9/2003 -0400, Dan Champion wrote: > > > > > > > >>Does anyone have some good advice on the topic of Database > > > Ownership. > > > >>We just recently took our PUBLIC 'ly owned database, but now the > > > company > > > >>owner would like to be able to restrict access to one of the > > > tables. I Set > > > >>him as OWNER, and Granted access (table by table) to the users. > > > Now... > > > >>unload/reloads can't be done by anyone but the owner? > > > >>How do we set it back to public till we figure a better way to do > > > this? > > > > > > > >Dan, > > > > > > > >A few options: > > > > > > > >A. At the R> prompt: > > > > > > > >01. CONNECT dbname IDENTIFIED by OwnerPasword > > > >02. SET NULL -0- > > > >03. OUTP dbname.UNL > > > > UNLOAD ALL > > > > OUTP SCREEN > > > > > > > >04 Open dbname.UNL file in RBEDIT or any text editor and then > > > > change the structure accordingly. > > > > > > > >B. > > > > > > > >01. CONNECT dbname IDENTIFIED by OwnerPasword and then > > > > > > > > Use GRANT option to take care of everything. > > > > > > > > For complete details: http://www.RSyntax.com > > > > > > > >Hope that helps! > > > > > > > >Very Best R:egards, > > > > > > > >Razzak. > > > > > > > > > > > Dan Champion > P.O. Box 223 > Grandville, MI. 49428-0223 > www.championsolutions.net >
Dan Champion P.O. Box 223 Grandville, MI. 49428-0223 www.championsolutions.net
