44 lines
3.6 KiB
HTML
44 lines
3.6 KiB
HTML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!DOCTYPE html
|
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html lang="en-us" xml:lang="en-us">
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|
<meta name="security" content="public" />
|
|
<meta name="Robots" content="index,follow" />
|
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
|
<meta name="DC.Type" content="concept" />
|
|
<meta name="DC.Title" content="Limitations of menu access control" />
|
|
<meta name="abstract" content="You cannot rely solely on menu access control to protect your system and allow users to use the system effectively to do their jobs." />
|
|
<meta name="description" content="You cannot rely solely on menu access control to protect your system and allow users to use the system effectively to do their jobs." />
|
|
<meta name="DC.Relation" scheme="URI" content="rzamvmenusecurity.htm" />
|
|
<meta name="copyright" content="(C) Copyright IBM Corporation 2006" />
|
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2006" />
|
|
<meta name="DC.Format" content="XHTML" />
|
|
<meta name="DC.Identifier" content="menulimits" />
|
|
<meta name="DC.Language" content="en-us" />
|
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
|
<!-- US Government Users Restricted Rights -->
|
|
<!-- Use, duplication or disclosure restricted by -->
|
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
|
<title>Limitations of menu access control</title>
|
|
</head>
|
|
<body id="menulimits"><a name="menulimits"><!-- --></a>
|
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
|
<h1 class="topictitle1">Limitations of menu access control</h1>
|
|
<div><p>You cannot rely solely on menu access control to protect your system and allow users to use the system effectively to do their jobs.</p>
|
|
<p>There are a number of limitations to menu access control. Computers and users have changed a great deal in the past few years. Many tools, such as query programs and spreadsheets, are available so that users can do some of their own programming, which lightens the work load of IS departments. Some tools, such as SQL or ODBC, provide the capability to view information and to change information. To enable these tools within a menu structure is very difficult.</p>
|
|
<div class="p">As a security administrator who is trying to enforce menu access control, you have two basic problems:<ul><li>If you are successful in limiting users to menus, your users will probably be unhappy because their ability to use modern tools is limited.</li>
|
|
<li>If you are not successful, you could jeopardize critical confidential information that menu access control is supposed to protect. When your system participates in a network, your ability to enforce menu access control decreases. For example, the LMTCPB parameter applies only to commands that are entered from a command line in an interactive session. The LMTCPB parameter has no affect on requests from communications sessions, such as PC file transfer, FTP, or remote commands.</li>
|
|
</ul>
|
|
</div>
|
|
</div>
|
|
<div>
|
|
<div class="familylinks">
|
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzamvmenusecurity.htm" title="This article discusses the user profile parameters for setting up menu security.">Set up menu security</a></div>
|
|
</div>
|
|
</div>
|
|
</body>
|
|
</html> |