Grouper Users - Open Discussion List

[Kathryn Huxtable <>]

Okay, that's what I was afraid of. It means that central IT will have to
construct public groups. I was hoping I could distribute that, and maybe I
can, but there will need to be a policy statement that the creator signs.

-K


On 8/2/06 1:55 PM, "Tom Barton" 
<>
 wrote:

> 
> 
> Kathryn Huxtable wrote:
>> I know I can make two groups with view but without read and let an 
>> arbitrary
>> user create a compound group with those two groups. When the user does 
>> that,
>> though, the user is able to see the indirect membership of the resultant
>> group.
>> 
>> Is there a way I can prevent this? It has to do with privacy issues and
>> such.
> 
> Don't give READ to the composite group. Now, the person who forms the
> composite, using UPDATE or ADMIN priv for the composite, will
> necessarily have READ. If you don't want them to see the indirect
> membership, you'll also need to remove their ADMIN or UPDATE in order to
> remove their READ after the composite has been formed.
> 
> If your wicket is sticky enough, and you can't expose the membership of
> this private group even during the process of forming a composite in
> which it's a factor, you can create an empty group as a stand-in for the
> private group that the composite creator uses to form the composite.
> After the composite is formed, redefine READ over the composite
> appropriately, and only then make the real private group a subgroup of
> the stand-in group. Think "separation of duties".
> 
> Tom