Changing Your Security Preferences
In addition to controlling your user preferences, you can modify your Notes workstation security options. To modify these preferences, follow this procedure:
From the menu, select File, Preferences, Security Preferences to open the User Security dialog box (see Figure 3.27). You'll be asked to authenticate first before accessing the dialog box.
Figure 3.27 The User Security dialog box enables you to customize your security preferences.
Your system administrator might have created an Execution Control List for the entire organization and disabled your ability to modify it. If so, you will not be able to see or use the Workstation Security dialog box.
When the dialog box appears, you can change many options. The options are divided into six categories.
Security BasicsEnables you to perform tasks relating to your user ID file, including renewing your ID file, changing your password, dealing with a compromised password, and setting the logout settings for your workstation.
Your IdentityEnables you to perform several functions relating to your certificates, including importing and renewing certificates, creating new public keys, and requesting a name change.
Identity of OthersConsists of two subtabs that enable you to view certificates for people and services and also view certificate authorities and their issued certificates.
Notes DataManages all secret keys for document encryption. This tab includes the capability to create, import, and mail secret keys.
After you have changed your options, click the OK button to close the User Preferences dialog box.
The heart of the workstation's security is under the What Others Do tab within the security preferences (see Figure 3.28).
Figure 3.28 The User Security dialog box gives you fine-grained control over programs that execute on your workstation.
You can control the execution based on whether the program is signed or who has signed the document or mail message. Regular workstation security enables you to control the following:
Access to the file system
Access to the current database
Access to environment variables
Access to non-Notes databases
Access to external code
Access to external programs
Capability to send mail
Capability to read other databases
Capability to modify other databases
Capability to export data
Access to modify the Execution Control List (ECL)
Access to the Notes Java classes allows a Java applet to access data stored within a Notes database that might reside on your local machine. The same caution applies: You will be running someone else's Java program, and it can access data within your local databases. I recommend that you enable this option only for trusted groups or users.
Java applet security is controlled in three places. First, it is addressed in the User Preferences Advanced options. You must enable Java applets. Second, within the Execution Control List you can control whether Java applets can access your file system or the Notes Java classes. Third, within the current location document in the Advanced tab is a Java Applet Security tab. Review all these places if you suspect that Java security is giving you a problem. Finally, Java agents running on a Domino server are enabled in the Domino Directory.