Question:

We have a suite of DBs hosted on a Mac G4 running OS 10.3.9 and
Filemaker Server Pro 7.04. It's running just peachy. Another group at
the school also has some DBs running on the same server.

Up until now, all Filemaker users have been using FMPro to access
these DBs. Guest access is turned OFF and none have either physical or
normal user access to the actual machine hosting the DBs.

Now, all our users are supposed to get Filemaker Pro Advanced 8.5
because we can get it as a subscription for the same price as the
"normal" version.

I'm concerned about any possible extended risks involved with normal
users having access to the FMPro Advanced Tools AND to sensitive data
on a FMP Server. Could they, for example damage or compromise a DB
with this version of FMP Advanced, that they otherwise couldn't, if
they stayed with the "normal" user version?

Personally, I have an uneasy feeling, giving non-developers a
developer-tool when they don't need it.

Thanks for any input in advance...

Normally I would agree, but it is not that difficult to set up
accessprevileges and custom menu's protecting the file. But then again the
users would have to log-in using passwords, which might be a sore.

Keep well, Ursus

"musicofnote" <lcecil (AT) music-of-note (DOT) ch> schreef in bericht
news:1173366243.767795.103450 (AT) p10g2000cwp (DOT) googlegroups.com...

On Mar 8, 8:04 am, "musicofnote" <lce... (AT) music-of-note (DOT) ch> wrote:
This is a bad idea.

I don't know if there'll be access to sensitive non FMP data on the
server, but the Debug Scripts tool will enable users to get themselves
into trouble, interrupting scripts, skipping data validation, If
statements regulating permissions, etc. The Data Viewer will allow
users to access data that you may not want them to.

You might be able to program around these issues, especially using
access privileges, but it could be a nightmare.

G

Set up your database under Accounts and Privileges so that you have
different user groups based on what privelges you want them to have.

For example, if you want Teachers to have minimal access to the Filemaker
Menu bar set the Available MenuCommands to Minimum for that privilege set.
The assign the Teacher Privilege set to all those Teachers with specific
user names. Now, when teachers who have that assigned privilege set log on
with their UserName and password they will only have minimal access to the
commands in the Mennu Bar - that should solve your problem. The trouble
is... if your tables are scattered over different fp7 files rather than all
contained as tables in one file you will not have global control of
privileges over the fp7 files like you would when all tables are in one
file - that is one of the compelling reasons for re-designing all legacy
systems with several fp7 files into one file so control of privileges to
users can be more easily controlled by the administrator.


--
Lawrance Database Designs
A J Lawrance
British Columbia, Canada
URL: http://www.members.shaw.ca/ajlawrance/index.html





"musicofnote" <lcecil (AT) music-of-note (DOT) ch> wrote

ARE YOU SURE they are upgrading to FM Pro Advanced??? I don't know of
ANY subscription programs that include multiple licenses for Pro
Advanced. Pro Advanced is always an extra $500 or so beyond
subscriptions, or some subscriptions might include a single-user copy of
Pro Advanced. FileMaker would NEVER provide ALL users with Pro
Advanced. They don't and they wouldn't. Perhaps what you are really
getting is FM Pro for the client machines and FM Server Advanced for
your server application?

That said...I agree with the other responses you've gotten so far.
Script debugger and data viewer can expose data that the solution's
developer hadn't intended on exposing. If you had a professional
developer, then this potential for data and script exposure was known
and should have been protected against if such methods would expose
critical information about the system A non-professional developer may
not have even been aware of such possibilities.

There are no differences between Pro and Pro Advanced that would allow
field data to be modified that couldn't be modified in the regular
version. But data viewer will allow memory variables to be changed,
which may effect how scripts run or how data gets placed into fields
during scripts.

But if you are upgrading from 7.0, then there was no use of variables at
that point, so this should not be an immediate problem.




musicofnote wrote:
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Howard Schlossberg (818) 883-2846
FM Professional Solutions, Inc. Los Angeles

FileMaker 8 Certified Developer
Associate Member, FileMaker Solutions Alliance

On Mar 8, 1:43 pm, Howard Schlossberg
<how... (AT) antispahm (DOT) fmprosolutions.com> wrote:
I think you are underestimating the desire of sales departments to
sell anything and everything they can to anyone and everyone they can.

I don't have any documentation of it, but I do recall something called
"Box Set" or something where you could get a volume license of ANY
product, including even SERVER!!! So you would buy 100 of these
licenses, and you could then install any of the FM products for each
user. It was supposed to increase your "flexibility" or something.

On Mar 8, 10:28 am, "AL Lawrance" <ajlawra... (AT) shaw (DOT) ca> wrote:
Keep in mind that the Tools menu, under which the Data Viewer and
Script Debugger reside are not modifiable using Custom Menus.

G

On Mar 8, 9:48 am, "Grip" <g... (AT) cybermesa (DOT) com> wrote:
Upon some experimentation, I've found that the Script Debugger only
works with Full Access accounts, so less worry there. The Data Viewer
may provide the intrepid user a way into (or out of) secure areas of
the db, but it won't be easy. So maybe I was a little alarmist.

G