REVELATION user & tight security (Networking Products)
At 25 NOV 1997 02:11:34PM Ron Hollar wrote:
Is there a way to implement tight network security so that someone can be prevented from hacking a linear hash file with, say, wordpad while logged into Arev or OI? We are using Arev 3.12, OI3.4, Novell 3.12 & the 1.12 NLM. I understand that there is a way to let the NLM access the files, without the user even having access rights to them. Also, I don't want to lose @USERNAME by doing this. There are too many places that we record a change to a record with the @USERNAME, DATE() & TIME(), so the user name must be retained. How is this done?
At 25 NOV 1997 05:56PM Aaron Kaplan wrote:
You seem to be knowing a bit more than you let on, my friend. Go through the manual and look for information on the REVELATION user. That's the actual name of the user needed to accomplish this.
apk@sprezzatura.com
`
At 25 NOV 1997 06:31PM Ron Hollar wrote:
Oh, yes, the manual does indeed say that the REVELATION user is the way to accomplish this. I'm not sure about the @USERNAME issue, though. The manual also says that to implement the REVELATION user, the /oa switch needs to be passed to the LHIPXSER.NLM, and that AREV must be passed the /p@ switch. How would AREV know what user was making the updates? Is the user passed in addition to /p@?
At 26 NOV 1997 08:53AM Aaron Kaplan wrote:
You're confusing the Novell username with the ARev/OI username.
I can login to a server a user GUEST, but log into ARev/OI as user SUPERVISOR. This would not give me supervisor rights on the server. The Revelation user switch is for the NLM. When it performs file access, instead of using the user you logged into the server as, it uses the user REVELATION. @USERNAME will not be affected.
apk@sprezzatura.com