enter creation password when lookup with qualifiers?

Tue Jan 29 09:57:07 PST 2008

GCC Consulting wrote Tuesday, January 29, 2008 12:34 PM:
>
> > -----Original Message-----
> > From: filepro-list-
> > bounces+gccconsulting=comcast.net at lists.celestial.com [mailto:filepro-
> > list-bounces+gccconsulting=comcast.net at lists.celestial.com] On Behalf
> > Of Bruce Easton
> > Sent: Tuesday, January 29, 2008 12:20 PM
> > To: filepro list
> > Subject: RE: enter creation password when lookup with qualifiers?
> >
> > Kenneth Brody wrote Tuesday, January 29, 2008 10:46 AM:
> > >
> > > Quoting Scott Nelson (Tue, 29 Jan 2008 07:36:15 -0800):
> > >
> > > > Kenneth Brody wrote:
> > > >> Quoting Scott Nelson (Mon, 28 Jan 2008 17:32:29 -0800):
> > > >>
> > > >>> Is it normal for the 'enter creation password for filename'
> > > prompt when
> > > >>> doing a lookup using a qualifier?
> > > >>
> > > >> Assuming you mean at runtime, the answer is "no".
> > > >>
> > > >> It is, however, normal for it to appear at runtime when using
> > > a variable
> > > >> for the filename.
> > > >>
> > > >
> > > > That is it.  But why if there is a variable????
> > >
> > > ky = "myself"
> > > fn = "employees"
> > > lookup salary = (fn) k=ky i=a -nxp
> > > salary[10] = salary[10] * "1.5"
> > > write salary
> > >
> > > --
> > > KenBrody at BestWeb dot net
> >
> > I went off on this some time ago.  I understand the security
> > advantage this gives an application.  And I understand how
> > this came in to being historically, and in that light, the
> > behavior seems consistent with filepro.  But I still feel it
> > was a big mistake to bring something called a "creation password"
> > to any runtime program in this way.  I feel for many types of
> > applications, it is unrealistic, unfriendly, unappliable,
> > to have end-users responsible for entering a creation password
> > at runtime for something that indicates that it is protecting
> > the developer.
> >
> > So not only is it expressed poorly in this case when it is
> > encountered, but a password protection scheme is now
> > unilaterally imposed (upon perhaps a large organization)
> > where the only goal of the developer was to protect his/her
> > work.
> >
> > Of course we are left with two options - don't use any
> > variable filenames when you want to creation-password protect
> > your work, or don't use creation-passwords.  Big impact on
> > trying to produce robust off-the-shelf software.  I just hope
> > that any future version of filepro will separate application and
> > and useage of a developer protection scheme from data access
> > protection scheme (and make it obvious when expressed in the
> > runtime).
> >
> > Bruce
> >
> > Bruce Easton
> > STN, Inc.
>
> If fp didn't want to break the current code regarding the
> creation password
> and lookups using a variable, there are 2 solutions:
>
> 	1. Another environmental variable pfcrpw=no  Turn off asking for the
> creation password at runtime
> 	2. Ability to bypass the password at runtime in programming with a
> lookup flag to bypass the creation password request.
>
> This last option does can offer some runtime security by allowing using a
> variable but based on the user allow access directly or require a
> password.
>
>
> Richard Kreiss
> GCC Consulting
> rkreiss at gccconsulting.net
>  

Yes, Richard, I think both of those could work and be backward-
compatible.

When this subject last came up, I had another solution and that was
to augment the part of the program that currently asks for creation
passwords *in cabe* so that the developer would be allowed to enter one
or more filenames of files that he/she wanted to pre-authorize (even
though they were not literally used in the current table).  This should
provide the same level of data security without involving the end-user.

Also, it was thought that having a literally-named lookup sitting in the
table (without necessarily ever being executed) would allow the creation
password to be "pre-approved", but after testing, it turns out that
you are still prompted for the password for the variable-named lookup.
But that might be another solution - to make that work the way people
thought it did :).

Of course any of these solutions would involve mods to cabe or the
runtime progs or all of them.

Bruce

Bruce Easton
STN, Inc.