|
HP OpenVMS Systemsask the wizard |
|
The Question is: To whom it may concern, WE are currently running DFS VERSION 2.2-3 We have a security issue between the Client and Server. Our problem is that we want to limit the usage of an access point to one user at a given time. To this end we have modified the proxy account on the server to have maxjobs=1. The problem is that anyone on the client can create the account we are using to compile executables and then has full access to the DFS disk/server. Modifying the proxy account has not helped. Can DFS limit the number of simultaneous users to a given accesss point? Regards, Rafael Ruiz The Answer is : DECdfs tries to closely emulate a locally-connected disk device. If the files in question were on a locally-mounted disk, the same restrictions exist -- a user with full local access would be able to perform the same operations on the local disk as they can on the DECdfs disk. The server (proxy) username on the DECdfs server is used solely to determine access rights, the process quotas are ignored. Alternatively, you can map a unique server (proxy) and appropriate protections for each user, and use host-based checks (via SYLOGIN.COM checks or otherwise) to control which of clients have access to the target disk, possibly via ACLs on the target that permit (or deny) access to the target from the server (proxy) username. Alternate approaches available here could include code management schemes and tools, as this question appears similar to be one of source code control.
|