kaiser@hillst.dec.com (Systems Consultant; 297-4445) (06/24/88)
From: HILLST::KAISER "Systems Consultant; 297-4445" 23-JUN-1988 22:45 To: NM%DECWRL::"S211KENO%HTIKUB5.BITNET",KAISER Subj: Using VAX Notes Kees writes: > - I have not found a way to delete notes based on their creation date, > neither is there a method to automatically set an expiration date > on every note at creation time. There is no way within VAX Notes itself. (Why do you want to do this? Habit?) If you want to do this -- and I assume that you are the legitimate moderator of the conference(s) in question -- you can certainly accomplish it with a pretty simple procedure. If you want this feature in VAX Notes itself, I suggest you send Digital an SPR, or speak up at a DECUS Symposium. > - One of the features I expect from a conferencing system is to > automatically forward VMSmail messages to a conference. > For example I would like all INFO-VAX incoming mail to go to a > INFO-VAX read-only conference. How is the conference supposed to know it's getting mail? And where to put it? Once again, this is pretty easy to hack with a command procedure. The method of brute force would simply read the mail and write the messages into the proper conferences. I use several procedures that do this for me, so I can testify that it's not difficult. > - Security is very very poor. > There are no installed privileged images. Everything you can do > in VAXnotes, you can do at DCL-level, or even more. > A conference you create for general write access may be completely > overwritten with the DCL WRITE command, but you only want to > allow write access in VAXnotes. Security is actually quite good. > Is there anybody out there who has suggestions about what I've missed ... Here's how to do it. Be sure to set up the conference for members only. Make the conference (file) belong to a user with a unique VMS group and user ID, in a directory protected from any access except by that user -- and not the directory NOTES$LIBRARY. Protect everything with appropriate ACLs to allow only the server to read and write the conference. The result is that the conference cannot be read or altered except by the server, and the server will allow only members to participate. The moderator(s) can control who is a member, whether the conference can be written, what notes can be replied to, and what notes are hidden. Secure enough? ---Pete Kaiser%hillst.dec@decwrl.dec.com decwrl!hillst.dec.com!kaiser DEC, 3 Results Way (MRO3-3/G20), Marlboro MA 01752 617-467-4445