-1701
-Original Message-
From: [EMAIL PROTECTED] [mailto:owner-u2-
[EMAIL PROTECTED] On Behalf Of Ray Wurlod
Sent: Friday, June 10, 2005 7:36 PM
To: u2-users@listserver.u2ug.org
Subject: RE: [U2] access via disabled accounts (solution) - How?
How can you pull data from a U2 file
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of David Jordan
Sent: Thursday, June 09, 2005 8:58 PM
To: u2-users@listserver.u2ug.org
Subject: RE: [U2] access via disabled accounts (solution)
Within UniVerse you can do the same thing. You can restrict user
Hi Dave
Could someone please answer this for me:
How can you pull data from a U2 file, via UniObjects, manipulate it in
VB.NET, and write it back to the file, via UniObjects, via stored
procedures, and without directly accessing the files from UniObjects? I'm
just looking for basic general
] [mailto:owner-u2-
[EMAIL PROTECTED] On Behalf Of Martin Phillips
Sent: Thursday, June 09, 2005 9:14 AM
To: u2-users@listserver.u2ug.org
Subject: Re: [U2] access via disabled accounts
I'm not so sure I would call this a security hole. If I could
figure
it out, it might just be a security
] [mailto:owner-u2-
[EMAIL PROTECTED] On Behalf Of Martin Phillips
Sent: Thursday, June 09, 2005 9:14 AM
To: u2-users@listserver.u2ug.org
Subject: Re: [U2] access via disabled accounts
I'm not so sure I would call this a security hole. If I could
figure
it out, it might just be a security
On Fri, Jun 10, 2005 at 10:57:53AM +1000, David Jordan wrote:
Could you explain a little more fully how you do this?
Thanks
Will Johnson
Within UniVerse Basic is an AUTHORIZE Statement which allows you to give the
program different access rights to the user running the program. Ie
Don't you folks think this is a bit of yelling The sky is falling!? I2
reasons.
1. SOX and a number of international regulations have criminal liabilities
for senior executives and directors to ensure that they prevent issues.
2. A major reason why big organisations are replacing U2 systems is
I have the opposite. My UniObjects connections don't work, but the
very same user/password data will let me into a telnet session.
This all seemed to coincide with my screwing about with pam.conf so I
suspect in my case it's self inflicted. Until I get a chance to sort
it out, I'm using another
Tabor [EMAIL PROTECTED]
Sent by: [EMAIL PROTECTED]
06/09/2005 10:59 AM
Please respond to u2-users
To: u2-users@listserver.u2ug.org
cc:
Subject:RE: [U2] access via disabled accounts
Yikes!!!
I just tried it in AIX 5.2/UniData v6.1.3 (Locking the account via smit
Have a look at your pam.config file. I'll bet that UniObjects is not
using the same mechanism to connect as a telnet connection does. That
could mean the OS is not locking down all means of connection when a
login goes rogue.
I'm more certain now that this is an issue of OS and documentation
Back before starting to use UniObjects, I remember reading something about
UniObjects not logging in like a normal user would log in. I didn't realize
that it meant UniObjecs was 'above the law' in terms of logins. That's a
potentially scary issue!
Sounds like people are beginning to grasp the
: [U2] access via disabled accounts
I have the opposite. My UniObjects connections don't work, but the
very same user/password data will let me into a telnet session.
This all seemed to coincide with my screwing about with pam.conf so I
suspect in my case it's self inflicted. Until I get a chance
Well, Mr. Phillips, I can't disagree with you. The scenario you
describe is a classic concrete tunnel into the system not a hole at
all!
I'm just hoping that since I've managed to achieve the opposite (via
blind stupidity and bad luck) that perhaps this is all due to
inadequate documentation of
Well, Mr. Phillips, I can't disagree with you. The scenario you
describe is a classic concrete tunnel into the system not a hole at
all!
The solution that I mentioned was how we made the equivalent functionality
of QM secure. I would really like to see UniObjects offer something similar.
This
Hi Martin
The only way that I can see to close this hole is for UniObjects to have an
option to restrict which operations the client end can request. At the
highest level, this should restrict the client so that all he can do is
call
existing catalogued programs that are compiled with some
In a message dated 6/9/05 5:08:55 PM Pacific Daylight Time,
[EMAIL PROTECTED] writes:
Within UniVerse you can do the same thing. You can restrict user read,
write, delete access to the database either setting OS level file access or
by SQL security access. With the AUTHORIZE statement, you
Within UniVerse you can do the same thing. You can restrict user read,
write, delete access to the database either setting OS level file access or
by SQL security access. With the AUTHORIZE statement, you can allow
subroutines to have a different access rights. Thus from UniObects one can
17 matches
Mail list logo