Skip to Content.
Sympa Menu

grouper-dev - TomB's security view privilege

Subject: Grouper Developers Forum

List archive

TomB's security view privilege

Chronological Thread 
  • From: Chris Hyzer <>
  • To: Emily Eisbruch <>, Grouper Dev <>
  • Subject: TomB's security view privilege
  • Date: Thu, 11 Dec 2008 10:22:41 -0500
  • Accept-language: en-US
  • Acceptlanguage: en-US

Tom B,


Im thinking about the security issue, and I was wondering if you could elaborate a little more in an email a little more about why changing this:



  public static void internal_addImmediateMembership(

      Member    m   = MemberFinder.internal_findViewableMemberBySubject(s, subj);



  public static void internal_addImmediateMembership(

      Member    m   = MemberFinder.internal_findReadableMemberBySubject(s, subj);


Would not be desirable?  Originally I had though it weird if the session doing the assigning once had READ, then made the membership, then they lost READ, but then I am thinking it is like other cases where the membership would still exist, they just wouldn’t be able to add it to another group.  This sounds fine with me…






From: Emily Eisbruch [mailto:]
Sent: Thursday, December 11, 2008 9:52 AM
To: Grouper Dev
Subject: [grouper-dev] Action Items: Grouper Call 10-Dec-08


*New Action Items*  


[AI] (TomB) will create a JIRA issue related to documenting security issues, such as view privilege potentially leading to read.


[AI] (TomZ) will create a JIRA issue on the mysql key length issue.


[AI] (Bert) will send to Chris information on using a different SSL trusted route for the new Grouper client.


[AI] (TomZ) will modify the software download page to reflect the new Grouper client. 


[AI] (TomZ) will continue to look into future of ldappc and develop

options for directions.


[AI] (Chris) will create a proposal on adding attributes to various objects in Grouper. 


[AI]  (Chris, Shilen, TomZ and Gary) will run units test on various databases in preparation for the 1.4.0 release


*Carry Over Action Items*  


 [AI] (TomZ) will investigate wisdom in the Spring Framework for binary release and directory structure. 


 [AI] (TomZ) will record membership problems discovered at U. Memphis as Jira items.



Archive powered by MHonArc 2.6.16.

Top of Page