
grouper-dev - TomB's security view privilege

Subject: Grouper Developers Forum

  • From: Chris Hyzer <>
  • To: Emily Eisbruch <>, Grouper Dev <>
  • Subject: TomB's security view privilege
  • Date: Thu, 11 Dec 2008 10:22:41 -0500
  • Accept-language: en-US

Tom B,

 

I'm thinking about the security issue, and I was wondering if you could elaborate a little more in an email about why changing this:

 

FROM:

  public static void internal_addImmediateMembership(

      Member    m   = MemberFinder.internal_findViewableMemberBySubject(s, subj);

 

TO:

  public static void internal_addImmediateMembership(

      Member    m   = MemberFinder.internal_findReadableMemberBySubject(s, subj);

 

Would not be desirable?  Originally I had thought it weird if the session doing the assigning once had READ, then made the membership, then they lost READ, but then I am thinking it is like other cases where the membership would still exist, they just wouldn’t be able to add it to another group.  This sounds fine with me…

 

Thoughts?

Thanks,

Chris

 

From: Emily Eisbruch [mailto:]
Sent: Thursday, December 11, 2008 9:52 AM
To: Grouper Dev
Subject: [grouper-dev] Action Items: Grouper Call 10-Dec-08

 

*New Action Items*  

 

[AI] (TomB) will create a JIRA issue related to documenting security issues, such as view privilege potentially leading to read.

 

[AI] (TomZ) will create a JIRA issue on the mysql key length issue.

 

[AI] (Bert) will send to Chris information on using a different SSL trusted route for the new Grouper client.

 

[AI] (TomZ) will modify the software download page to reflect the new Grouper client. 

 

[AI] (TomZ) will continue to look into future of ldappc and develop options for directions.

 

[AI] (Chris) will create a proposal on adding attributes to various objects in Grouper. 

 

[AI] (Chris, Shilen, TomZ and Gary) will run unit tests on various databases in preparation for the 1.4.0 release

 

*Carry Over Action Items*  

 

 [AI] (TomZ) will investigate wisdom in the Spring Framework for binary release and directory structure. 

 

 [AI] (TomZ) will record membership problems discovered at U. Memphis as Jira items.

  

 



