One area of potential security exposure is related to the Progress Editor. Access to the Progress Editor from your QAD application is often essential in troubleshooting technical problems. At the same time, once a user has accessed the Progress Editor, system data can be significantly exposed.

Access to the Progress Editor is available from menu 36.25.80, mgeditor.p. You can use roles to limit access to the Progress Editor in the same way as any other application menu programs. Using Role Permissions Maintain, assign appropriate access permissions to the roles you want to be able to access the Progress Editor, and then assign these roles to legitimate Progress Editor users.

Another related control that should be considered is to disallow privileges for users connecting to the application database with a blank user ID. The Disallow Blank User ID Access option on the Progress Database|Admin|Security menu is available for this purpose. See the “Maintaining Application Security” section in the Progress Client Deployment Guide for details.

Selecting this option denies all access privileges to the Progress blank User ID by placing a leading exclamation point (!) in each table and field permission specification for the database. See the next section for details.