[comp.os.vms] Using VAX Notes

kaiser@hillst.dec.com (Systems Consultant; 297-4445) (06/24/88)

From:	HILLST::KAISER       "Systems Consultant; 297-4445" 23-JUN-1988 22:45
To:	NM%DECWRL::"S211KENO%HTIKUB5.BITNET",KAISER
Subj:	Using VAX Notes

Kees writes:

> - I have not found a way to delete notes based on their creation date,
>   neither is there a method to automatically set an expiration date
>   on every note at creation time.

There is no way within VAX Notes itself.  (Why do you want to do this?  Habit?)
If you want to do this -- and I assume that you are the legitimate moderator of
the conference(s) in question -- you can certainly accomplish it with a pretty
simple procedure.  If you want this feature in VAX Notes itself, I suggest you
send Digital an SPR, or speak up at a DECUS Symposium.

> - One of the features I expect from a conferencing system is to
>   automatically forward VMSmail messages to a conference.
>   For example I would like all INFO-VAX incoming mail to go to a
>   INFO-VAX read-only conference.

How is the conference supposed to know it's getting mail?  And where to put it?
Once again, this is pretty easy to hack with a command procedure.  The method of
brute force would simply read the mail and write the messages into the proper
conferences.  I use several procedures that do this for me, so I can testify
that it's not difficult.

> - Security is very very poor.
>   There are no installed privileged images. Everything you can do
>   in VAXnotes, you can do at DCL-level, or even more.
>   A conference you create for general write access may be completely
>   overwritten with the DCL WRITE command, but you only want to
>   allow write access in VAXnotes.

Security is actually quite good.

> Is there anybody out there who has suggestions about what I've missed ...

Here's how to do it.  Be sure to set up the conference for members only.  Make
the conference (file) belong to a user with a unique VMS group and user ID, in a
directory protected from any access except by that user -- and not the directory
NOTES$LIBRARY.  Protect everything with appropriate ACLs to allow only the
server to read and write the conference.

The result is that the conference cannot be read or altered except by the
server, and the server will allow only members to participate.  The moderator(s)
can control who is a member, whether the conference can be written, what notes
can be replied to, and what notes are hidden.  Secure enough?

---Pete

Kaiser%hillst.dec@decwrl.dec.com
decwrl!hillst.dec.com!kaiser
DEC, 3 Results Way (MRO3-3/G20), Marlboro MA 01752  617-467-4445