CEMT Security Log

For complex topics that regular users would not be interested in. For power users and database administrators.

CEMT Security Log

Postby Ardavan » Wed Oct 17, 2018 9:34 am

Hello,
After an earlier incident no administrator is claiming responsibility for it came to my attention that the CEMT does not log everything into the securitylog table. I know there isn't much that can be done directly from the CEMT itself, but imagine this:
Agent X somehow gets an administrators CEMT credentials and uses them to create a rouge OD user, or change the password of an existing user. Agent X then proceeds to use the shadow credentials to bla bla bla.... If there is only one CEMT admin then we can shame him/her for allowing their credentials to get pwoned, but if there is more than one admin then who do we hold responsible?
There are 10 types of people in this world, those who will laugh at this joke, and those who won't. ~Annonymous Bug Writer
User avatar
Ardavan
 
Posts: 106
Joined: Sat May 15, 2010 9:10 am

Re: CEMT Security Log

Postby adearmondsattler » Wed Oct 17, 2018 9:45 am

What I gather from your post is you would like the CEMT to have an audit trail correct?
“If debugging is the process of removing bugs, then programming must be the process of putting them in.”

Allen DeArmond-Sattler
Open Dental Software
http://www.opendental.com
User avatar
adearmondsattler
 
Posts: 163
Joined: Fri Aug 23, 2013 11:29 am

Re: CEMT Security Log

Postby Ardavan » Wed Oct 17, 2018 11:54 am

Correct, my apologies for the lack of clarity.
There are 10 types of people in this world, those who will laugh at this joke, and those who won't. ~Annonymous Bug Writer
User avatar
Ardavan
 
Posts: 106
Joined: Sat May 15, 2010 9:10 am

Re: CEMT Security Log

Postby adearmondsattler » Wed Oct 17, 2018 12:11 pm

I would add votes to feature request 6767. It details requests for security and permissions in the CEMT tool.
Additionally, I would add a comment detailing your desire for an Audit Trail in the CEMT tool.
https://www.opendental.com/manual/featurerequests.html
“If debugging is the process of removing bugs, then programming must be the process of putting them in.”

Allen DeArmond-Sattler
Open Dental Software
http://www.opendental.com
User avatar
adearmondsattler
 
Posts: 163
Joined: Fri Aug 23, 2013 11:29 am

Re: CEMT Security Log

Postby Ardavan » Wed Oct 17, 2018 12:36 pm

Thanks!
There are 10 types of people in this world, those who will laugh at this joke, and those who won't. ~Annonymous Bug Writer
User avatar
Ardavan
 
Posts: 106
Joined: Sat May 15, 2010 9:10 am


Return to Advanced Topics

Who is online

Users browsing this forum: No registered users and 3 guests