Generally speaking, privileged users will be able to read anything they
like anyway. All you can do is make it a bit harder for them, and stop
them stumbling across interesting things.

If you can't trust your privileged users, take their privileges away.
If you can't do that, remind them that using their privileges to read
someone's mail is the same as searching through the paper mail in their
desk. Both of these are offences you can be fired from the company for.
You can still do a loop through the partition file looking for
interesting things.
Regarding FDLs, they don't need the owner field at all IMO, I'd remove
it completely. We try to remove them from any FDLs we ship if possible.
Your command procedure OA$LIB_SHARE:GETPRV.COM can be simplified by
testing for all privileges at once:
$ Prv_value = f$priv("SYSPRV") .or. f$priv("BYPASS") .or. f$priv("GRPPRV")
Similarly your ALLIN1.COM procedure can be simplified using the F$SETPRV
lexical:
$ Saved_privs = f$setprv( "NOSYSPRV,NOBYPASS,NOGRPPRV" )
resetting them with:
$ Dummy = f$setprv( Saved_privs )
Graham

In contrast to the comments of "Take away their privs if you
don't trust them" I quite like the idea of separating ALL-IN-1
access from VMS access. True, someone with CMEXEC can access
anything on a given machine, but why make it easy for them? Not
everyone has the time/patience/know-how. It's a bit like locking
your drawers in your desk and leaving the keys on a hook on the
wall. It raises the stakes if you get caught.
I don't believe most people with BYPASS were given it so that they
could SMU to everyone's account.
Regards,
Paul