Are they using the "netview" command to launch? You can have your opers
enter "netview -ro" and they should always get a read-only map (whether they
are first or not). I set up our operators mouse buttons so they would always
launch with the -ro option (via a script), that way I always get the read
write map (Greedy me :-))
Blaine Owens
Eastman Chemical Company
Phone - (423)-229-3579
Fax - (423)-229-1188
bowens@eastman.com
> -----Original Message-----
> From: Gord Michaels [SMTP:gord_michaels@HOTMAIL.COM]
> Sent: Wednesday, June 23, 1999 3:28 PM
> To: NV-L@UCSBVM.ucsb.edu
> Subject: Security Problem/Question...
>
> Hello All.
>
> I am running Netview 5.1, AIX 4.2.1, Framework 3.6.
>
> In my environment, I use DCE. I have myself set up as a 'SrAdmin' user
> within Netview and my Operators under the 'oper' group.
>
> My Operators log into their AIX account and then Netview (oper group).
>
> Then, I log into my AIX account (not root, but I have given Map ownership
> to
> my AIX userid) and then into Netview under SrAdmin.
>
> Now, after this, I have only read permissions and none of the privilages
> which come with SrAdmin (i.e. I cannot unmanage devices, change symbols
> names, etc). BUT, MY OPERATORS HAVE READ/WRITE PERMISSION AND HAVE ALL THE
> SRADMIN PRIVILAGES !!!
>
> It seems as if whoever logs into Netview first, get read/write and full
> SrAdmin privilages. Whoever logs in after this, gets read only and oper
> permissions, regardless of what group they belong to. I have to test this
> yet, but from memory, it seems to be what is happening. Regardless, then
> end
> result is not the way it should be.
>
> Has anyone ever seen this before ???
>
> Any help/advice appreciated.
>
> Gord Michaels.
>
>
>
>
> ______________________________________________________
> Get Your Private, Free Email at http://www.hotmail.com
|