With row-level, system-wide, data filters, it is necessary to protect the resource APIs, ADDRES(), UPDRES(), DELRES(), with safeguards against unauthorized modification of file definition resources such as IFIL definitions, conditional indexes, row-level filters, etc.
The c-tree Server can enforce different levels of File Definition Resource (FCRES) security when users modify data file definition resources such as the IFIL and DODA resources. The actual level of protection enforced for a given resource is determined by the FILEDEF_SECURITY_LEVEL configuration keyword.
The file definition resource security keyword must be specified in the c-tree Server configuration file ctsrvr.cfg. There are three different security levels for this keyword:
This is the lowest security setting. There is no protection as any user may add or delete data file definition resources. This setting may be used to keep the c-tree Server data compatible with legacy applications.
This is the default security setting. Any user may add or delete data file definition resources, but the file must be opened exclusive. This default setting may be enough to keep the c-tree Server data compatible with most legacy applications.
This is the highest security setting. A user must have file definition permission before a definition resource is added or deleted. The file must be opened exclusive. This setting is appropriate for applications that require the highest level of security and may cause compatibility problems with existing legacy applications.
Note: This feature is NOT currently enabled.