DALOCK & 7.10.G1

Dr Dave Watts david_wat@antdiv.gov.au
Fri, 23 Oct 1998 22:36:43 +1000 

>From Allison Hamilton
>P.S. ...
>Just out of curiosity --- for all those lurking on this list who are VMS
>users -- how many of you are using ACL-based access for disc resources
>and/or privilege access with your PowerHouse applications???
>

We have implemented a very simple method on VMS using RdB database

1) use the PH sitehook to run some code that looks at where the
quick/quiz/qtp code is located

2) if located in the appriate directory that the live code should be in (ie
direcory PROMS and its subdirectory), then
allow sitehook code to add an identifier called MAGIC to the users process
Note powerhouse code *.%%c are world readable but all *.%%s is not to anyone
The directory PROMS is not in any users group ie seperate UIC group.

3) database is protected from all users except those that have MAGIC
ie    define protection for relation asac_isotopes position 2
	ident [magic] access read+write+modify+erase.

4) use exit handler to remove MAGIC

5) this works just as well in batch quiz/qtp runs.

6) Powerhouse code defines what a user can do regarding update/read/create
records   and not what is in the database security


its benefits
a) just add users via Powerhouse application class
b) just add above MAGIC protection to any new tables. no need for any more bits
c) to remove a user, just delete from Powerhouse application class.

__________________________________oOo____________________________________

Dr Dave Watts                         email: david_wat@antdiv.gov.au
Applications Programmer
Computing Services                    Phone  +61 3 6232 3493 (direct)
Antarctic Division                           +61 3 6232 3209 (Switchboard)
Channel Highway                       Fax    +61 3 6232 3351
Kingston, Tasmania 7050, Australia    WWW    http://www.antdiv.gov.au/
=========================================================================
  


= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
Subscribe: "subscribe powerh-l" in message body to majordomo@lists.swau.edu
Unsubscribe: "unsubscribe powerh-l" in message to majordomo@lists.swau.edu
powerh-l@lists.swau.edu is gatewayed one-way to bit.listserv.powerh-l
This list is closed, thus to post to the list, you must be a subscriber.