Creation password at runtime

Bruce Easton bruce at stn.com
Fri Jan 19 11:07:30 PST 2007 

> -----Original Message-----
> From: Kenneth Brody
> Sent: Friday, January 19, 2007 8:53 AM
>
> Quoting Bruce Easton (Thu, 18 Jan 2007 15:02:29 -0500):
> [...]
> > filePro 3.0 manual under "The Creation Password: Protecting Your
> > Formats,"
> > ...
> >
> > 	"This password does not, however, affect who can or
> > 	cannot see and change your records--runtime opertations
> > 	are protected separately with individual passwords."
> >
> > So if this definition has changed with the advent of variable-named
> > lookups, then why???  If the purpose of a creation password is no
> > longer just protecting formats and processing, then why is it still
> > called a creation password?
> [...]
>
> It's preventing you from creating a lookup into that file, just as a
> lookup with a hardcoded filename will require the creation password
> in *cabe.

Ken, I see your point.  If you had not implemented it that way, we would
probably be looking  at the ability to do the lookup without being prompted
at runtime as a security loophole since the advent of variable-named
lookups.

But I still do not like the prompting of a creation password getting to an
end-user when the developer has no such intention.

I see George Simon's post:

> Why couldn't a simple:
>
> video off
> pushkey "creationpassword"{"[entr]"
> lookup thefile = (fn)  k=1  i=a  -npx
>
> get around this problem?

Neat idea - and although this might work (I'd have to test to do it only
once since I have a loop of these lookups), I'm not keen on the idea of
putting a hard-coded reference of a password in the table - that would be,
in my mind, just as much a security hole as not asking for the password. Or
at least, I guess it would if the file that this prc is in has a different
creation password than the one that I'm doing the lookup to.

But I maybe you could get a little more secure by augmenting that idea with:

Then: video off
Then: lookup mscf=my_special_cp_file k=("APP") i=a -nx  '<--where I only
	   know the creation password to this encrypted file and only I
	   can see the enc-method.
  If: mscf
Then: pushkey mscf(2){"[enter]"
Then: lookup thefile = (fn) k=1 i=a -npx

Before I saw George's post, I was about to suggest an enhancement to filepro
where a combo key of processing table name + creation password (CP) could be
stored in a new special key - say "cp_ok_key" and that could allow the
developer to pre-authorize lookups into creation-password-protected files.
i.e., you're in rcabe and upon saving the table, a new option when selected
would allow you to enter one or more filenames, and for any filenames that
are password protected, the password would be prompted, and if it is
validated, an entry is made  into the  "cp_ok_key" special file (usable only
by *cabe,*clerk,*report).  Then at runtime, before asking for a CP for a
variable-name file, before asking for a CP, this special file is checked for
the table name-filename combo.  If it's there, then no need to ask CP again.
I don't think backward-compatilbility would be a problem with this, but then
again, I haven't thought much about the level of automatic maintenance
something like this should need from the cabe and clerk programs.

Bruce Easton
STN, Inc.

More information about the Filepro-list mailing list