Hi All,
Even if the Default ACL level is No Access, People can open those DBs without any authentication. i.e if you copy a NSF to a different location from the OS level anyone can open that NSF provided that they have Notes installed in that PC.
What could be the problem?
Regards,
Buwaneka
Subject: There’s no “problem” - but you need to understand the security model.
To have secure databases, they need to be on a Notes server, so that users cannot make an OS copy of them. That way, if they don’t have ACL access, they don’t get to access the database.
Local Notes databases don’t generally have ACL protection, and even when they do, you can take a database copy and remove them.
The ONLY way to secure a Local Notes database is to encrypt it, so that only one ID can read it’s contents. If you don’t encrypt it, then the ACL will not protect you, as a hex-editor can modify it to give anyone access.