[[https://www.revelation.com/|Sign up on the Revelation Software website to have access to the most current content, and to be able to ask questions and get answers from the Revelation community]]


==== Security and permissions (OpenInsight Specific) ====
=== At 05 APR 2000 06:15:51AM Colin Rule (CSSP) wrote: ===
 
{{tag>"OpenInsight Specific"}}
 
<QUOTE>
We understand that all files should be made to have full permissions, within the OI application directory.

This is very open to abuse, especially in sites such as universities etc.

Is there any way to allow OI to operate properly, AND have some basic security in place to stop people deleting, renaming, editing files etc.
</QUOTE>
----

=== At 05 APR 2000 09:33AM Matt Sorrell wrote:  ===

<QUOTE>Colin,



Couldn't you implement some sort of by-user rights on the directory.  Depending on where your application was available from, you could have a special user, or you could add all of your OI users to a certain group, and give only that group access to the directory.



Probably not what you're looking for, but all I can think of.



msorrel@greyhound.com

</QUOTE>

----

=== At 05 APR 2000 11:36AM dsig@teleport.com wrote:  ===

<QUOTE>Colin,



In addition to Matt's reply .. would it be possible for a 'propeller head' to write a routine which upon logging into OI would then instruct the 'server' to give rights to specific directories for login user?



I would think something like a group on the server with permissions for this kind of practice would be possible .. yes?





dsig@teleport.com onmouseover=window.status=imagine ... a company that supports it products with pride not extortion;return(true)"

David Tod Sigafoos ~ SigSolutions

cell: 503-341-2983

</QUOTE>

----

=== At 09 APR 2000 01:12PM [url=http://www.sprezzatura.com]The Sprezzatura Group[/url] wrote:  ===

<QUOTE>The ReadOnly flag in REVPARAM allows for ReadOnly files (NPP only).   Depending on the nature of the application, you generally never delete files.  Files will need read/write access for adding records.

The NLM and probably NT service allow more restrictive rights.  On NLM, use the Revelation user and assign full rights to Revelation user.  End user logon needs no rights.  NT Service, it might be possible to do based on having the service log in under specific account.  Sounds nice in theory, but never known it to be placed in practice.



[url=http://www.sprezzatura.com]The Sprezzatura Group[/url]

[/i]World leaders in all things RevSoft[/i]

[img]http://www.sprezzatura.com/zz.jpg[/img]



</QUOTE>


[[https://www.revelation.com/revweb/oecgi4p.php/O4W_HANDOFF?DESTN=O4W_RUN_FORM&INQID=NONWORKS_READ&SUMMARY=1&KEY=52AB963BB7AB44B5852568B800386258|View this thread on the  forum...]]