| T.R | Title | User | Personal
Name | Date | Lines |
|---|
| 1323.1 | | CSC32::BUTTERWORTH | Gun Control is a steady hand. | Mon Jun 17 1996 12:50 | 30 |
| > I'm attempting to set up PCM to have a batch job start when the system
> boots for a read-only monitor. I set up an account and gave it access
> to half the systems. I then logged into that account and edited C3 to
> what I wanted. I logged out to my account and did a console edit to
> remove all the systems from the user. I also took off edit c3 from
> their profile. Then I did a Console reconfig.
>
> I then logged back into their account. I could not edit my C3 layout,
> but I could Console Connect to any of the previously entered systems.
> It looks like PCM is looking at my CONSOLE$C3.DAT file and not the
> system security file. Since that's a text file, it would be fairly easy
> to edit it to add a system in.
> So, I guess my questions are two,
> 1) Is this execpected behavior, and if so , isn't this a security
> problem?
You mentioned you are using groups. If you remove accss to a particular
system, but that system is part of a group a user has access to then
they get access to the system.
> 2) How can I configure a use to see the icons in a group, but not be
> able to connect to them?
You must use CONSOLE C3/READ_ONLY
Regards,
Dan
|
| 1323.2 | Way too many options for me ;-) | PHXSS1::ADKINS | | Mon Jun 17 1996 13:23 | 21 |
| >> 2) How can I configure a use to see the icons in a group, but not be
>> able to connect to them?
> You must use CONSOLE C3/READ_ONLY
OK. It looks better. First time I tried, I could still connect the
console, but after a reconfig, it seems to work as specified.
But the user can still go into Options-General and change to connect on
double-click. When you double-click, nothing happens. No message or
anything.
I thought I remembered a user who I set up to acces a group, but not a
system in the group. When he would double-click on a system he didn't
have access to, he'd get a console window, it would say you don' have
access to this system and exit. I'll double-check on that.
Thanks
Jim
|
| 1323.3 | | CSC32::BUTTERWORTH | Gun Control is a steady hand. | Mon Jun 17 1996 14:18 | 19 |
| > But the user can still go into Options-General and change to connect on
> double-click. When you double-click, nothing happens. No message or
> anything.
Hmmmm.... I would consider this a very minor bug as it should at least
output a message box saying you can't connect to the system. There's no
security hole at least as your user can't connect to the system.
> I thought I remembered a user who I set up to acces a group, but not a
> system in the group. When he would double-click on a system he didn't
> have access to, he'd get a console window, it would say you don' have
> access to this system and exit. I'll double-check on that.
It should allow him access to the system via the group specification.
Regs,
Dan
|