From: James F. <jam...@ex...> - 2010-08-30 15:03:32
On 30 August 2010 16:57, Joe Wicentowski <jo...@gm...> wrote:
> Jim,
>
> I noticed that the compression module now has 2 entries in conf.xml -
> the one you added, and the original one just below under the "optional
> modules."
>
> Should the 2nd one be deleted, now that compression is required for
> the repo module?

feel free to do so, I tend to leave any new 'core' modules in commented out area in conf.xml until we package up next release ... mostly as a reminder for myself to check on things whilst doing release packaging then I remove.

ta, J
From: Joe W. <jo...@gm...> - 2010-08-30 14:57:54
Jim, I noticed that the compression module now has 2 entries in conf.xml - the one you added, and the original one just below under the "optional modules." Should the 2nd one be deleted, now that compression is required for the repo module? Joe On Mon, Aug 23, 2010 at 6:08 AM, <cu...@us...> wrote: > Revision: 12535 > http://exist.svn.sourceforge.net/exist/?rev=12535&view=rev > Author: cutlass > Date: 2010-08-23 10:08:22 +0000 (Mon, 23 Aug 2010) > > Log Message: > ----------- > [conf] added compression module to core loaded modules now, as its a dep for repo > > Modified Paths: > -------------- > trunk/eXist/conf.xml.tmpl > > Modified: trunk/eXist/conf.xml.tmpl > =================================================================== > --- trunk/eXist/conf.xml.tmpl 2010-08-22 19:34:57 UTC (rev 12534) > +++ trunk/eXist/conf.xml.tmpl 2010-08-23 10:08:22 UTC (rev 12535) > @@ -778,6 +778,10 @@ > <module src="resource:net/xproc/xprocxq/src/xquery/xproc.xqm" > uri="http://xproc.net/xproc"/> > > + <!-- compression module//--> > + <module class="org.exist.xquery.modules.compression.CompressionModule" > + uri="http://exist-db.org/xquery/compression" /> > + > <!-- Optional Modules --> > <!-- > <module class="org.exist.backup.xquery.BackupModule" |
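Review bot: The comment added in trunk/eXist/conf.xml.tmpl, `<!-- compression module//-->`, ends with a stray `//`; the neighbouring comment in the same hunk is written `<!-- Optional Modules -->`, so `<!-- compression module -->` would match. As the reply above points out, the original compression entry is still present under "Optional Modules", so the same commit should drop that one, otherwise the template carries two entries for `org.exist.xquery.modules.compression.CompressionModule` and it is unclear which of them is authoritative.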
From: Joern T. <joe...@go...> - 2010-08-30 10:59:58
On Sun, Aug 29, 2010 at 11:55 PM, Dannes Wessels <da...@ex...> wrote:
> Joern,
>
> we have been working on trunk this weekend: the cocoon stuff has changed a lot, it is now only available as cocoon-block. This means that we got rid of a significant load of jar files (7 meg or so), reducing potential conflicts with the jar set required for Betterform.

Thanks for the message - we only had one conflict regarding ehcache. Does that mean that this won't be on the classpath any more? And further does this mean that Cocoon will stay (just for interest)?

Thanks,
Joern

> regards
>
> Dannes
From: Dmitriy S. <sha...@gm...> - 2010-08-30 10:38:51
On Mon, 2010-08-30 at 09:28 +0200, Wolfgang Meier wrote:
> > Please, check collection constructions, there are no security checks!
>
> Another note: there are no security checks in the internal API and I'm
> not sure if we should change that. I think all checks should be done
> by the end-user APIs (XMLDB, REST, WebDAV..).

I do think to code separate methods with security checks on low level, so it is going to be only one place to check. That will make all interface behavior the same.

--
Cheers,
Dmitriy Shabanov
From: Wolfgang M. <wol...@ex...> - 2010-08-30 07:28:11
> Please, check collection constructions, there are no security checks!

Another note: there are no security checks in the internal API and I'm not sure if we should change that. I think all checks should be done by the end-user APIs (XMLDB, REST, WebDAV..).

Wolfgang
From: Dmitriy S. <sha...@gm...> - 2010-08-30 06:18:36
On Sun, 2010-08-29 at 15:43 -0500, Loren Cahlander wrote:
> You need read access to the parent collection to get to the resource
> at all. It is redundant to check the read permission of the parent
> collection.

Please, check collection constructions, there are no security checks! There should also be a check on methods like 'createResource'.

--
Cheers,
Dmitriy Shabanov
From: Dannes W. <da...@ex...> - 2010-08-29 21:55:21
Joern,

we have been working on trunk this weekend: the cocoon stuff has changed a lot, it is now only available as cocoon-block. This means that we got rid of a significant load of jar files (7 meg or so), reducing potential conflicts with the jar set required for Betterform.

regards

Dannes
From: Loren C. <lor...@gm...> - 2010-08-29 20:49:51
You need read access to the parent collection to get to the resource at all. It is redundant to check the read permission of the parent collection.

There were three items being checked creation date-time, last update date-time and resource size. This change had to be done to the XML resource and the binary resource.

I also see the point about changing in two places. There is little reason to have the implementation of getCreationTime(), getLastModificationTime(), and getContentLength() in the two concrete classes. There is an abstract method for all three of these in AbstractExistResource and the implementations are nearly identical and could be.

There is also the check in LocalBinaryResource for:

    if (isNewResource)
        throw new XMLDBException(ErrorCodes.INVALID_RESOURCE, "The resource has not yet been stored");

and that is not in LocalXMLResource.

I will move these three methods implementation up to AbstractExistResource and test to see if there are any changes to the system.

Loren

On Aug 29, 2010, at 03:20 PM, Dmitriy Shabanov wrote:
> Why did you remove all security checks? I did show to you that there
> must be one, on parent collection permissions.
>
> Another why: if you change one interface functional, you must do same
> changes to others!
From: Dmitriy S. <sha...@gm...> - 2010-08-29 20:20:03
Why did you remove all security checks? I did show to you that there must be one, on parent collection permissions.

Another why: if you change one interface functional, you must do same changes to others!

On Sun, 2010-08-29 at 19:55 +0000, ix...@us... wrote:
> Revision: 12607
> http://exist.svn.sourceforge.net/exist/?rev=12607&view=rev
> Author: ixitar
> Date: 2010-08-29 19:55:16 +0000 (Sun, 29 Aug 2010)
>
> Log Message:
> -----------
> [bugfix] Allow for the accessing of the metadata about a resource where the user does not have read permission to the contents of the resource. This is necessary for the case of listing the contents of a collection where the user has read access to the collection, but does not have read access to some of the resources within the collection.
>
> Below is a case from a Mac OS X system (works the same under linux). Here is a link to what the access should be under linux/unix:
>
> http://www.zzee.com/solutions/linux-permissions.shtml#zzee_link_9_1077830297
>
> And here is the link to the documentation under eXist:
>
> http://exist-db.org/security.html#permissions
>
> lorens-mac:tmp fred$ ls -al
> total 8
> drwxrwxrwt 9 root wheel 306 Aug 27 12:40 .
> drwxr-xr-x@ 6 root wheel 204 Dec 10 2009 ..
> -rw-r--r-- 1 fred wheel 0 Aug 27 11:35 .yjp_ide51928
> srwxr-xr-x 1 fred wheel 0 Aug 26 23:15 icssuis501
> drwx------ 3 fred wheel 102 Aug 26 23:14 launch-Lk9wGt
> drwx------ 3 fred wheel 102 Aug 26 23:14 launch-qXSOwK
> drwx------ 3 fred wheel 102 Aug 26 23:14 launch-y3HLPq
> drwx------ 3 fred wheel 102 Aug 26 23:14 launchd-131.SHiPK0
> -rwx------ 1 root wheel 36 Aug 27 12:40 noread.txt
> lorens-mac:tmp fred$ who am i
> fred ttys000 Aug 27 12:39
> lorens-mac:tmp fred$ cat noread.txt
> cat: noread.txt: Permission denied
> lorens-mac:tmp fred$
>
> You can see that I am not running as root.
The listing of the contents of /tmp shows all of the metadata about the contents of /tmp, but I do not have read access to /tmp/noread.txt which is evident when I try to cat the file. > > Modified Paths: > -------------- > trunk/eXist/src/org/exist/xmldb/LocalBinaryResource.java > trunk/eXist/src/org/exist/xmldb/LocalXMLResource.java > > Modified: trunk/eXist/src/org/exist/xmldb/LocalBinaryResource.java > =================================================================== > --- trunk/eXist/src/org/exist/xmldb/LocalBinaryResource.java 2010-08-29 18:44:44 UTC (rev 12606) > +++ trunk/eXist/src/org/exist/xmldb/LocalBinaryResource.java 2010-08-29 19:55:16 UTC (rev 12607) > @@ -22,20 +22,10 @@ > */ > package org.exist.xmldb; > > -import java.io.BufferedOutputStream; > -import java.io.ByteArrayInputStream; > -import java.io.File; > -import java.io.FileInputStream; > -import java.io.FileNotFoundException; > -import java.io.FileOutputStream; > -import java.io.IOException; > -import java.io.InputStream; > -import java.io.OutputStream; > -import java.util.Date; > - > import org.exist.EXistException; > import org.exist.dom.BinaryDocument; > import org.exist.dom.DocumentImpl; > +import org.exist.external.org.apache.commons.io.output.ByteArrayOutputStream; > import org.exist.security.Permission; > import org.exist.security.Subject; > import org.exist.storage.BrokerPool; > @@ -49,7 +39,8 @@ > import org.xmldb.api.base.XMLDBException; > import org.xmldb.api.modules.BinaryResource; > > -import org.exist.external.org.apache.commons.io.output.ByteArrayOutputStream; > +import java.io.*; > +import java.util.Date; > > /** > * @author wolf 
> @@ -335,10 +326,6 @@ > try { > broker = pool.get(user); > BinaryDocument blob = (BinaryDocument)getDocument(broker, Lock.NO_LOCK); > - if (!blob.getPermissions().validate(user, Permission.READ)) > - throw new XMLDBException( > - ErrorCodes.PERMISSION_DENIED, > - "permission denied to read resource"); > return new Date(blob.getMetadata().getCreated()); > } catch (EXistException e) { > throw new XMLDBException(ErrorCodes.UNKNOWN_ERROR, e.getMessage(), e); > @@ -357,10 +344,6 @@ > try { > broker = pool.get(user); > BinaryDocument blob = (BinaryDocument)getDocument(broker, Lock.NO_LOCK); > - if (!blob.getPermissions().validate(user, Permission.READ)) > - throw new XMLDBException( > - ErrorCodes.PERMISSION_DENIED, > - "permission denied to read resource"); > return new Date(blob.getMetadata().getLastModified()); > } catch (EXistException e) { > throw new XMLDBException(ErrorCodes.UNKNOWN_ERROR, e.getMessage(), e); > @@ -379,10 +362,6 @@ > try { > broker = pool.get(user); > BinaryDocument blob = (BinaryDocument)getDocument(broker, Lock.NO_LOCK); > - if (!blob.getPermissions().validate(user, Permission.READ)) > - throw new XMLDBException( > - ErrorCodes.PERMISSION_DENIED, > - "permission denied to read resource"); > mimeType = blob.getMetadata().getMimeType(); > return mimeType; > } catch (EXistException e) { 
> @@ -420,9 +399,6 @@ > try { > broker = pool.get(user); > DocumentImpl document = getDocument(broker, Lock.NO_LOCK); > - if (!document.getPermissions().validate(user, Permission.READ)) > - throw new XMLDBException(ErrorCodes.PERMISSION_DENIED, > - "permission denied to read resource"); > return document.getContentLength(); > } catch (EXistException e) { > throw new XMLDBException(ErrorCodes.UNKNOWN_ERROR, e.getMessage(), > > Modified: trunk/eXist/src/org/exist/xmldb/LocalXMLResource.java > =================================================================== > --- trunk/eXist/src/org/exist/xmldb/LocalXMLResource.java 2010-08-29 18:44:44 UTC (rev 12606) > +++ trunk/eXist/src/org/exist/xmldb/LocalXMLResource.java 2010-08-29 19:55:16 UTC (rev 12607) > @@ -21,15 +21,6 @@ > */ > package org.exist.xmldb; > > -import java.io.File; > -import java.io.IOException; > -import java.io.StringWriter; > -import java.io.UnsupportedEncodingException; > -import java.util.Date; > -import java.util.Properties; > - > -import javax.xml.transform.TransformerException; > - > import org.exist.EXistException; > import org.exist.dom.DocumentImpl; > import org.exist.dom.NodeProxy; 
> @@ -58,17 +49,21 @@ > import org.exist.xquery.value.Type; > import org.w3c.dom.DocumentType; > import org.w3c.dom.Node; > -import org.xml.sax.ContentHandler; > -import org.xml.sax.InputSource; > -import org.xml.sax.SAXException; > -import org.xml.sax.SAXNotRecognizedException; > -import org.xml.sax.SAXNotSupportedException; > +import org.xml.sax.*; > import org.xml.sax.ext.LexicalHandler; > import org.xmldb.api.base.Collection; > import org.xmldb.api.base.ErrorCodes; > import org.xmldb.api.base.XMLDBException; > import org.xmldb.api.modules.XMLResource; > > +import javax.xml.transform.TransformerException; > +import java.io.File; > +import java.io.IOException; > +import java.io.StringWriter; > +import java.io.UnsupportedEncodingException; > +import java.util.Date; > +import java.util.Properties; > + > /** > * Local implementation of XMLResource. > */ > @@ -328,9 +323,6 @@ > try { > broker = pool.get(user); > DocumentImpl document = getDocument(broker, Lock.NO_LOCK); > - if (!document.getPermissions().validate(user, Permission.READ)) > - throw new XMLDBException(ErrorCodes.PERMISSION_DENIED, > - "permission denied to read resource"); > return new Date(document.getMetadata().getCreated()); > } catch (EXistException e) { > throw new XMLDBException(ErrorCodes.UNKNOWN_ERROR, e.getMessage(), > @@ -345,9 +337,6 @@ > try { > broker = pool.get(user); > DocumentImpl document = getDocument(broker, Lock.NO_LOCK); > - if (!document.getPermissions().validate(user, Permission.READ)) > - throw new XMLDBException(ErrorCodes.PERMISSION_DENIED, > - "permission denied to read resource"); > return new Date(document.getMetadata().getLastModified()); > } catch (EXistException e) { > throw new XMLDBException(ErrorCodes.UNKNOWN_ERROR, e.getMessage(), 
> @@ -365,9 +354,6 @@ > try { > broker = pool.get(user); > DocumentImpl document = getDocument(broker, Lock.NO_LOCK); > - if (!document.getPermissions().validate(user, Permission.READ)) > - throw new XMLDBException(ErrorCodes.PERMISSION_DENIED, > - "permission denied to read resource"); > return document.getContentLength(); > } catch (EXistException e) { > throw new XMLDBException(ErrorCodes.UNKNOWN_ERROR, e.getMessage(), > > > This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. > > ------------------------------------------------------------------------------ > Sell apps to millions through the Intel(R) Atom(Tm) Developer Program > Be part of this innovative community and reach millions of netbook users > worldwide. Take advantage of special opportunities to increase revenue and > speed time-to-market. Join now, and jumpstart your future. > http://p.sf.net/sfu/intel-atom-d2d > _______________________________________________ > Exist-commits mailing list > Exi...@li... > https://lists.sourceforge.net/lists/listinfo/exist-commits -- Cheers, Dmitriy Shabanov |
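Review bot: The metadata getters are left with no permission test at all after the `@@ -335,10 +326,6 @@`, `@@ -357,10 +344,6 @@`, `@@ -379,10 +362,6 @@` and `@@ -420,9 +399,6 @@` hunks in LocalBinaryResource.java and the `@@ -328,9 +323,6 @@`, `@@ -345,9 +337,6 @@` and `@@ -365,9 +354,6 @@` hunks in LocalXMLResource.java: the `validate(user, Permission.READ)` call on the resource is deleted and nothing replaces it. The version proposed in this thread on 27 August checked READ on the parent collection instead (`parent.getCollection().getPermissions().validate(user, Permission.READ)`); either add that check, ideally once in a shared base class rather than in seven getters, or state in each method comment which caller has already enforced collection READ. The `@@ -379,10 +362,6 @@` hunk also drops the check from the getter that returns `blob.getMetadata().getMimeType()`, while the follow-up discussion names only creation date, last update and size, so that getter should be mentioned explicitly in the log message or keep its check.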
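Review bot: The import hunks (`@@ -22,20 +22,10 @@` and `@@ -49,7 +39,8 @@` in LocalBinaryResource.java, `@@ -21,15 +21,6 @@` and `@@ -58,17 +49,21 @@` in LocalXMLResource.java) are unrelated to the permission change and swap explicit imports for `import java.io.*;` and `import org.xml.sax.*;`. Keep the explicit imports, or move the reordering into a separate commit, so that the removal of access checks can be reviewed and reverted on its own.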
From: Dmitriy S. <sha...@gm...> - 2010-08-29 18:43:31
On Mon, 2010-08-23 at 13:21 +0500, Dmitriy Shabanov wrote:
> On Sun, 2010-08-22 at 14:16 -0400, Andrzej Jan Taramina wrote:
> > Dmitriy:
> >
> > > I did make second stage commits:
> >
> > Excellent...glad to see you are making progress!
> >
> > > TODO:
> > > 1. fix backup restore, automatic /db/system/users.xml migration question
> > > 2. principal delete procedure
> > > 3. make sure that old clients will work with new API, as example oXygen
> > > with old libs
> > > 4. stabilization
> >
> > I'm really keen on 1 & 4. Any ETA on when you think that might be ready for testing with existing databases?
>
> I really want to finish in 2-3 days, let's be optimistic from 3 to 6
> days. #1 should be done today.
>

The items 1 & 2 should be done. Let me know if any problem.

--
Cheers,
Dmitriy Shabanov
On Sun, 2010-08-29 at 18:52 +0500, Dmitriy Shabanov wrote:
> Hello,
>
> I did check on linux box, the result quite simple, read permission
> required to see metadata.
>
> In your example: you have access, because you have read permission
> (see
> last 'r').

Small adjustment: the parent collection controls subresource (including collection) metadata access.

--
Cheers,
Dmitriy Shabanov
Hello,

I did check on a linux box, the result is quite simple: read permission is required to see metadata.

In your example: you have access, because you have read permission (see last 'r').

--
Cheers,
Dmitriy Shabanov

On Fri, 2010-08-27 at 14:20 -0500, Loren Cahlander wrote:
> /tmp's permissions are:
>
> > drwxrwxrwt 9 root wheel 306 Aug 27 12:40 .
>
> and /'s permissions are:
>
> > drwxr-xr-x@ 6 root wheel 204 Dec 10 2009 ..
>
> lorens-mac:tmp lcahlander$ groups
> staff com.apple.sharepoint.group.3 _developer _lpoperator _lpadmin
> _appserveradm admin _appserverusr localaccounts everyone
> com.apple.access_screensharing com.apple.sharepoint.group.2
> com.apple.sharepoint.group.1
>
> I am also thinking that we can remove any security check on
> getCreationTime(), getLastModificationTime() and getContentLength()
> due to the fact that you need to have read permission on the
> collection to get to the resource. All permission validation for the
> metadata on the resource has already happened. We only need to check
> the permissions for the various methods accessing the content of the
> resource.
>
> On Aug 27, 2010, at 12:54 PM, Dmitriy Shabanov wrote:
>
> > Can you show tmp's permissions & your groups?
> >
> > On Fri, Aug 27, 2010 at 10:45 PM, Loren Cahlander
> > <lor...@gm...> wrote:
> > Here is what I mean with an example under Mac OS X (The same
> > thing will work under Linux):
> >
> > lorens-mac:tmp lcahlander$ ls -al
> > total 8
> > drwxrwxrwt 9 root wheel 306 Aug 27 12:40 .
> > drwxr-xr-x@ 6 root wheel 204 Dec 10 2009 ..
> > -rw-r--r-- 1 lcahlander wheel 0 Aug 27 11:35 .yjp_ide51928
> > srwxr-xr-x 1 lcahlander wheel 0 Aug 26 23:15 icssuis501
> > drwx------ 3 lcahlander wheel 102 Aug 26 23:14 launch-Lk9wGt
> > drwx------ 3 lcahlander wheel 102 Aug 26 23:14 launch-qXSOwK
> > drwx------ 3 lcahlander wheel 102 Aug 26 23:14 launch-y3HLPq
> > drwx------ 3 lcahlander wheel 102 Aug 26 23:14 launchd-131.SHiPK0
> > -rwx------ 1 root wheel 36 Aug 27 12:40 noread.txt
> > lorens-mac:tmp lcahlander$ who am i
> > lcahlander ttys000 Aug 27 12:39
> > lorens-mac:tmp lcahlander$ cat noread.txt
> > cat: noread.txt: Permission denied
> > lorens-mac:tmp lcahlander$
> >
> > You can see that I am not running as root. The listing of
> > the contents of /tmp shows all of the metadata about the
> > contents of /tmp, but I do not have read access
> > to /tmp/noread.txt which is evident when I try to cat the
> > file.
> >
> > On Aug 27, 2010, at 12:28 PM, Loren Cahlander wrote:
> >
> > > When I was thinking through this problem (some of it
> > > during sleeping), I was thinking that this original
> > > statement was wrong. If the user has read access to a
> > > collection, then he/she can see the listing of the
> > > collections and resources within the collection. The
> > > problem that the WebDAV client was encountering was
> > > accessing the creation date, last modified date and the
> > > size of the resource when the user does not have read
> > > access to the resource. This is wrong. If the user has
> > > read access to the parent collection and not to the
> > > resource being listed, then the user should have access to
> > > the creation date, last modified date and the size of the
> > > resource but not to the contents of the resource.
> > >
> > > In org.exist.xmldb.LocalXMLResource:
> > >
> > > The following:
> > >
> > > public Date getCreationTime() throws XMLDBException {
> > >     DBBroker broker = null;
> > >     try {
> > >         broker = pool.get(user);
> > >         DocumentImpl document = getDocument(broker, Lock.NO_LOCK);
> > >         if (!document.getPermissions().validate(user, Permission.READ))
> > >             throw new XMLDBException(ErrorCodes.PERMISSION_DENIED,
> > >                 "permission denied to read resource");
> > >         return new Date(document.getMetadata().getCreated());
> > >     } catch (EXistException e) {
> > >         throw new XMLDBException(ErrorCodes.UNKNOWN_ERROR, e.getMessage(), e);
> > >     } finally {
> > >         pool.release(broker);
> > >     }
> > > }
> > >
> > > public Date getLastModificationTime() throws XMLDBException {
> > >     DBBroker broker = null;
> > >     try {
> > >         broker = pool.get(user);
> > >         DocumentImpl document = getDocument(broker, Lock.NO_LOCK);
> > >         if (!document.getPermissions().validate(user, Permission.READ))
> > >             throw new XMLDBException(ErrorCodes.PERMISSION_DENIED,
> > >                 "permission denied to read resource");
> > >         return new Date(document.getMetadata().getLastModified());
> > >     } catch (EXistException e) {
> > >         throw new XMLDBException(ErrorCodes.UNKNOWN_ERROR, e.getMessage(), e);
> > >     } finally {
> > >         pool.release(broker);
> > >     }
> > > }
> > >
> > > /* (non-Javadoc)
> > >  * @see org.exist.xmldb.EXistResource#getContentLength()
> > >  */
> > > public int getContentLength() throws XMLDBException {
> > >     DBBroker broker = null;
> > >     try {
> > >         broker = pool.get(user);
> > >         DocumentImpl document = getDocument(broker, Lock.NO_LOCK);
> > >         if (!document.getPermissions().validate(user, Permission.READ))
> > >             throw new XMLDBException(ErrorCodes.PERMISSION_DENIED,
> > >                 "permission denied to read resource");
> > >         return document.getContentLength();
> > >     } catch (EXistException e) {
> > >         throw new XMLDBException(ErrorCodes.UNKNOWN_ERROR, e.getMessage(), e);
> > >     } finally {
> > >         pool.release(broker);
> > >     }
> > > }
> > >
> > > To:
> > >
> > > public Date getCreationTime() throws XMLDBException {
> > >     DBBroker broker = null;
> > >     try {
> > >         LocalCollection parent = (LocalCollection)getParentCollection();
> > >         if (!parent.getCollection().getPermissions().validate(user, Permission.READ)) {
> > >             throw new XMLDBException(ErrorCodes.PERMISSION_DENIED, "permission denied to read resource");
> > >         }
> > >         broker = pool.get(user);
> > >         DocumentImpl document = getDocument(broker, Lock.NO_LOCK);
> > >         return new Date(document.getMetadata().getCreated());
> > >     } catch (EXistException e) {
> > >         throw new XMLDBException(ErrorCodes.UNKNOWN_ERROR, e.getMessage(), e);
> > >     } finally {
> > >         pool.release(broker);
> > >     }
> > > }
> > >
> > > public Date getLastModificationTime() throws XMLDBException {
> > >     DBBroker broker = null;
> > >     try {
> > >         LocalCollection parent = (LocalCollection)getParentCollection();
> > >         if (!parent.getCollection().getPermissions().validate(user, Permission.READ)) {
> > >             throw new XMLDBException(ErrorCodes.PERMISSION_DENIED, "permission denied to read resource");
> > >         }
> > >         broker = pool.get(user);
> > >         DocumentImpl document = getDocument(broker, Lock.NO_LOCK);
> > >         return new Date(document.getMetadata().getLastModified());
> > >     } catch (EXistException e) {
> > >         throw new XMLDBException(ErrorCodes.UNKNOWN_ERROR, e.getMessage(), e);
> > >     } finally {
> > >         pool.release(broker);
> > >     }
> > > }
> > >
> > > /* (non-Javadoc)
> > >  * @see org.exist.xmldb.EXistResource#getContentLength()
> > >  */
> > > public int getContentLength() throws XMLDBException {
> > >     DBBroker broker = null;
> > >     try {
> > >         LocalCollection parent = (LocalCollection)getParentCollection();
> > >         if (!parent.getCollection().getPermissions().validate(user, Permission.READ)) {
> > >             throw new XMLDBException(ErrorCodes.PERMISSION_DENIED, "permission denied to read resource");
> > >         }
> > >         broker = pool.get(user);
> > >         DocumentImpl document = getDocument(broker, Lock.NO_LOCK);
> > >         return document.getContentLength();
> > >     } catch (EXistException e) {
> > >         throw new XMLDBException(ErrorCodes.UNKNOWN_ERROR, e.getMessage(), e);
> > >     } finally {
> > >         pool.release(broker);
> > >     }
> > > }
> > >
> > > The same problem exists
> > > in org.exist.xmldb.LocalBinaryResource. If I get the
> > > community buy in, then I will go ahead and make this
> > > change to these two source files.
> > >
> > > This would match our documentation on permissions:
> > >
> > > http://exist-db.org/security.html#permissions
> > >
> > > Loren
> > >
> > > On Aug 26, 2010, at 04:34 PM, Loren Cahlander wrote:
> > >
> > > > Hello folks,
> > > >
> > > > I found a security hole in the XMLDB function module
> > > > while trying to lock down the WebDAV access so that
> > > > guest cannot see the database contents. I removed the
> > > > rwu from other/world on all resources (rwurwu---) and am
> > > > getting the following while trying to see
> > > > http://localhost:8080/exist/webdav/db/cms as guest:
> > > >
> > > > org.exist.xquery.XPathException: Failed to retrieve creation date: permission denied to read resource [at line 56, column 36]
> > > > In function:
> > > >     f:format-dateTime(xs:dateTime) [56:18:jar:file:/home/exist/exist/exist-optional.jar!/org/exist/http/webdav/methods/collection.xq]
> > > >     f:display-child-resources(xs:string) [96:14:jar:file:/home/exist/exist/exist-optional.jar!/org/exist/http/webdav/methods/collection.xq]
> > > >
> > > > The content of the function in collection.xq is:
> > > >
> > > > declare function f:display-child-resources($collection as xs:string)
> > > > as element()* {
> > > >     for $child in xdb:get-child-resources($collection)
> > > >     order by $child
> > > >     return
> > > >         <tr>
> > > >             <td><a target="_new" href="{$uri}/{$child}">{$child}</a></td>
> > > >             <td class="perm">{xdb:permissions-to-string(xdb:get-permissions($collection, $child))}</td>
> > > >             <td>{xdb:get-owner($collection, $child)}</td>
> > > >             <td>{xdb:get-group($collection, $child)}</td>
> > > >             <td>{f:format-dateTime(xdb:created($collection, $child))}</td>
> > > >             <td>{f:format-dateTime(xdb:last-modified($collection, $child))}</td>
> > > >             <td>{fn:ceiling(xdb:size($collection, $child) div 1024)}</td>
> > > >         </tr>
> > > > };
> > > >
> > > > The xdb:get-child-resources($collection) should only
> > > > return the resources that the current user has read
> > > > access to. Here is the content of the method in
> > > > org.exist.xquery.functions.xmldb.XMLDBGetChildResources
> > > >
> > > > public Sequence evalWithCollection(Collection collection, Sequence[] args, Sequence contextSequence)
> > > >         throws XPathException {
> > > >     ValueSequence result = new ValueSequence();
> > > >     try {
> > > >         String[] collections = collection.listResources();
> > > >         for(int i = 0; i < collections.length; i++) {
> > > >             //TODO: Add validating read permission against the current user
> > > >             result.add(new StringValue(collections[i]));
> > > >         }
> > > >         return result;
> > > >     } catch (XMLDBException e) {
> > > >         throw new XPathException(this, "Failed to retrieve child resources", e);
> > > >     }
> > > > }
> > > >
> > > > org.exist.xquery.functions.xmldb.XMLDBGetChildCollections has the same issue:
> > > >
> > > > public Sequence evalWithCollection(Collection collection, Sequence[] args, Sequence contextSequence)
> > > >         throws XPathException {
> > > >
> > > >     ValueSequence result = new ValueSequence();
> > > >     try {
> > > >         String[] collections = collection.listChildCollections();
> > > >         for(int i = 0; i < collections.length; i++) {
> > > >             //TODO: Add validating read permission against the current user
> > > >             result.add(new StringValue(collections[i]));
> > > >         }
> > > >         return result;
> > > >     } catch (XMLDBException e) {
> > > >         throw new XPathException(this, "Failed to retrieve child collections", e);
> > > >     }
> > > > }
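The access rule debated in the messages above (listing and metadata governed by READ on the parent collection, content governed by READ on the resource, both enforced in one shared place) is sketched below as an added Java example; it is not eXist code and not part of any message in this thread. Every type and method name in it (`MetadataAccessDemo`, `Perm`, `Coll`, `requireCollectionRead`, and so on) is hypothetical, and the users, modes and timestamps are constructed sample data.

```java
import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.function.Supplier;

// Added illustration (Java 16+ for records). All types are hypothetical
// stand-ins, not the org.exist.* classes discussed in the thread.
public class MetadataAccessDemo {

    static final int READ = 4; // the 'r' bit of one rwu triplet

    record User(String name, Set<String> groups) {}

    // mode is three octal digits: owner, group, other (0770 == rwurwu---)
    record Perm(String owner, String group, int mode) {
        boolean allows(User u, int bit) {
            if (u.name().equals(owner)) return ((mode >> 6) & bit) != 0;
            if (u.groups().contains(group)) return ((mode >> 3) & bit) != 0;
            return (mode & bit) != 0;
        }
    }

    record Resource(String name, Perm perm, long created, String content) {}

    static final class Coll {
        final Perm perm;
        final Map<String, Resource> children = new LinkedHashMap<>();
        Coll(Perm perm, Resource... rs) {
            this.perm = perm;
            for (Resource r : rs) children.put(r.name(), r);
        }
    }

    static final class Denied extends RuntimeException {
        Denied(String msg) { super(msg); }
    }

    // Single enforcement point: every front end calls these two methods
    // instead of repeating a validate(...) call inside each getter.
    static void requireCollectionRead(User u, Coll c) {
        if (!c.perm.allows(u, READ)) throw new Denied("permission denied to read collection");
    }

    static void requireContentRead(User u, Coll c, Resource r) {
        requireCollectionRead(u, c);
        if (!r.perm().allows(u, READ)) throw new Denied("permission denied to read resource");
    }

    // Listing and metadata need READ on the parent collection only.
    static List<String> list(User u, Coll c) {
        requireCollectionRead(u, c);
        List<String> rows = new ArrayList<>();
        for (Resource r : c.children.values())
            rows.add(r.name() + " created=" + r.created() + " size=" + r.content().length());
        return rows;
    }

    // Content additionally needs READ on the resource itself.
    static String read(User u, Coll c, String name) {
        Resource r = c.children.get(name);
        if (r == null) throw new IllegalArgumentException("no such resource: " + name);
        requireContentRead(u, c, r);
        return r.content();
    }

    static String attempt(Supplier<Object> action) {
        try {
            return String.valueOf(action.get());
        } catch (Denied e) {
            return "DENIED: " + e.getMessage();
        }
    }

    public static void main(String[] args) {
        // Constructed sample data: guest is neither the owner nor in group dba.
        User guest = new User("guest", Set.of("guest"));
        Coll cms = new Coll(new Perm("admin", "dba", 0775),
            new Resource("public.xml", new Perm("admin", "dba", 0774), 1282900000L, "<p/>"),
            new Resource("noread.xml", new Perm("admin", "dba", 0770), 1282900500L, "<secret/>"));
        Coll locked = new Coll(new Perm("admin", "dba", 0770));

        System.out.println(attempt(() -> list(guest, cms)));               // both entries listed
        System.out.println(attempt(() -> read(guest, cms, "public.xml"))); // content returned
        System.out.println(attempt(() -> read(guest, cms, "noread.xml"))); // denied on the resource
        System.out.println(attempt(() -> list(guest, locked)));            // denied on the collection
    }
}
```

Because the metadata path always passes through `requireCollectionRead`, dropping the per-resource READ test from a getter does not leave that getter unchecked, which is the gap the review exchange in this thread is about.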
From: Dmitriy S. <sha...@gm...> - 2010-08-29 13:48:17
On Sun, 2010-08-29 at 11:33 +0200, Wolfgang Meier wrote:
> > Would 'normal' lock mechanism be suitable here? Or any restrictions that
> > do not allow to use it?
>
> I'm not yet sure of the consequences. I do believe without further
> exploration that we could switch to a multi-read/exclusive write lock
> mechanism in some places, though this would require some changes to
> the cache management (which could - in return - result in new locks
> being introduced ;-). The goal, let me repeat, would be to speed up
> non index-assisted, non-optimized access to the DOM. Index-assisted
> access itself is pretty fast and does allow for good concurrency.
>
> But we have to be very careful here since the architecture is complex:
> you have to consider transactional integrity, journalling, caching and
> other aspects. If we change anything, we have to proceed carefully and
> in very small steps. Stability is always my top priority.

I was wondering: "are there any restrictions?" So, the answer "no" is good here ;-)

--
Cheers,
Dmitriy Shabanov
From: Wolfgang M. <wol...@ex...> - 2010-08-29 09:33:38
> Would 'normal' lock mechanism be suitable here? Or any restrictions that
> do not allow to use it?

I'm not yet sure of the consequences. I do believe without further exploration that we could switch to a multi-read/exclusive write lock mechanism in some places, though this would require some changes to the cache management (which could - in return - result in new locks being introduced ;-). The goal, let me repeat, would be to speed up non index-assisted, non-optimized access to the DOM. Index-assisted access itself is pretty fast and does allow for good concurrency.

But we have to be very careful here since the architecture is complex: you have to consider transactional integrity, journalling, caching and other aspects. If we change anything, we have to proceed carefully and in very small steps. Stability is always my top priority.

Wolfgang
From: Dmitriy S. <sha...@gm...> - 2010-08-29 06:55:19
On Sat, 2010-08-28 at 19:06 +0200, Wolfgang Meier wrote:
> > Instead, eXist has artificially limited access to dom.dbx to a single thread (at a time).
>
> The assumption is that - during a query - dom.dbx is only read at
> serialization time and only to read out a sequence of pages to display
> the final query result to the user.
>
> It's a complex interplay between cache manager, transaction log and
> other components. I agree there could be ways to allow concurrent read
> access to dom.dbx at the same time, but we would need to carefully
> discuss the implications.

Would 'normal' lock mechanism be suitable here? Or any restrictions that do not allow to use it?

--
Cheers,
Dmitriy Shabanov
From: Wolfgang M. <wol...@ex...> - 2010-08-28 17:06:45
> Instead, eXist has artificially limited access to dom.dbx to a single thread (at a time).

The assumption is that - during a query - dom.dbx is only read at serialization time and only to read out a sequence of pages to display the final query result to the user.

It's a complex interplay between cache manager, transaction log and other components. I agree there could be ways to allow concurrent read access to dom.dbx at the same time, but we would need to carefully discuss the implications.

Wolfgang
From: Wolfgang M. <wol...@ex...> - 2010-08-28 16:49:23
|
> You ignored most of what I wrote in my previous emails, which I find a
> bit unfriendly: if your query is formulated in the right way and you
> have the proper indexes in place, the query engine SHOULD NOT access
> dom.dbx AT ALL!!!!!!!!!!!!!!! I don't think dom.dbx is the bottleneck
> - it's the QUERY.

Just re-read your last email and I see you did test an optimized query in addition to the slow query. But my point is that you should first try to optimize all queries and only test those.

Wolfgang |
From: Wolfgang M. <wol...@ex...> - 2010-08-28 16:44:07
|
> Java is capable of reading data from the same file from multiple threads simultaneously. In
> smaller data sets (hundreds of MB), the entire database will be cached in memory by the
> OS, so multiple concurrent access is fast.

You forgot one thing: eXist does not access the dbx files directly, but always through the cache manager, which caches the btree as well as data pages. Only the cache manager writes or reads to files and you need to make sure that all threads see the same pages at any time. I agree that access to dom.dbx could be more fine-grained (e.g. on the page level), but I think you should rather look into other aspects (see below).

> And please let me know if I have reached a wrong conclusion here. It's a complex subject,
> and it's easy to miss things.

You ignored most of what I wrote in my previous emails, which I find a bit unfriendly: if your query is formulated in the right way and you have the proper indexes in place, the query engine SHOULD NOT access dom.dbx AT ALL!!!!!!!!!!!!!!! I don't think dom.dbx is the bottleneck - it's the QUERY. Even for testing, please make sure your query is properly optimized or your test won't be realistic.

I'd like to move this discussion over to the development list as it will get too technical.

Wolfgang |
/tmp's permissions are:

> drwxrwxrwt 9 root wheel 306 Aug 27 12:40 .

and /'s permissions are:

> drwxr-xr-x@ 6 root wheel 204 Dec 10 2009 ..

lorens-mac:tmp lcahlander$ groups
staff com.apple.sharepoint.group.3 _developer _lpoperator _lpadmin _appserveradm admin _appserverusr localaccounts everyone com.apple.access_screensharing com.apple.sharepoint.group.2 com.apple.sharepoint.group.1

I am also thinking that we can remove any security check on getCreationTime(), getLastModificationTime() and getContentLength() due to the fact that you need to have read permission on the collection to get to the resource. All permission validation for the metadata on the resource has already happened. We only need to check the permissions for the various methods accessing the content of the resource.

On Aug 27, 2010, at 12:54 PM, Dmitriy Shabanov wrote:

> Can you show tmp's permissions & your groups?
>
> On Fri, Aug 27, 2010 at 10:45 PM, Loren Cahlander <lor...@gm...> wrote:
> Here is what I mean with an example under Mac OS X (The same thing will work under Linux):
>
> lorens-mac:tmp lcahlander$ ls -al
> total 8
> drwxrwxrwt 9 root wheel 306 Aug 27 12:40 .
> drwxr-xr-x@ 6 root wheel 204 Dec 10 2009 ..
> -rw-r--r-- 1 lcahlander wheel 0 Aug 27 11:35 .yjp_ide51928
> srwxr-xr-x 1 lcahlander wheel 0 Aug 26 23:15 icssuis501
> drwx------ 3 lcahlander wheel 102 Aug 26 23:14 launch-Lk9wGt
> drwx------ 3 lcahlander wheel 102 Aug 26 23:14 launch-qXSOwK
> drwx------ 3 lcahlander wheel 102 Aug 26 23:14 launch-y3HLPq
> drwx------ 3 lcahlander wheel 102 Aug 26 23:14 launchd-131.SHiPK0
> -rwx------ 1 root wheel 36 Aug 27 12:40 noread.txt
> lorens-mac:tmp lcahlander$ who am i
> lcahlander ttys000 Aug 27 12:39
> lorens-mac:tmp lcahlander$ cat noread.txt
> cat: noread.txt: Permission denied
> lorens-mac:tmp lcahlander$
>
> You can see that I am not running as root.
> The listing of the contents of /tmp shows all of the metadata about the contents of /tmp, but I do not have read access to /tmp/noread.txt which is evident when I try to cat the file. |
Can you show tmp's permissions & your groups?

On Fri, Aug 27, 2010 at 10:45 PM, Loren Cahlander <lor...@gm...> wrote:

> Here is what I mean with an example under Mac OS X (The same thing will
> work under Linux):
>
> lorens-mac:tmp lcahlander$ ls -al
> total 8
> drwxrwxrwt 9 root wheel 306 Aug 27 12:40 .
> drwxr-xr-x@ 6 root wheel 204 Dec 10 2009 ..
> -rw-r--r-- 1 lcahlander wheel 0 Aug 27 11:35 .yjp_ide51928
> srwxr-xr-x 1 lcahlander wheel 0 Aug 26 23:15 icssuis501
> drwx------ 3 lcahlander wheel 102 Aug 26 23:14 launch-Lk9wGt
> drwx------ 3 lcahlander wheel 102 Aug 26 23:14 launch-qXSOwK
> drwx------ 3 lcahlander wheel 102 Aug 26 23:14 launch-y3HLPq
> drwx------ 3 lcahlander wheel 102 Aug 26 23:14 launchd-131.SHiPK0
> -rwx------ 1 root wheel 36 Aug 27 12:40 noread.txt
> lorens-mac:tmp lcahlander$ who am i
> lcahlander ttys000 Aug 27 12:39
> lorens-mac:tmp lcahlander$ cat noread.txt
> cat: noread.txt: Permission denied
> lorens-mac:tmp lcahlander$
>
> You can see that I am not running as root. The listing of the contents of
> /tmp shows all of the metadata about the contents of /tmp, but I do not
> have read access to /tmp/noread.txt which is evident when I try to cat
> the file.
>
> On Aug 27, 2010, at 12:28 PM, Loren Cahlander wrote:
>
> When I was thinking through this problem (some of it during sleeping), I
> was thinking that this original statement was wrong. If the user has read
> access to a collection, then he/she can see the listing of the collections
> and resources within the collection. The problem that the WebDAV client was
> encountering was accessing the creation date, last modified date and the
> size of the resource when the user does not have read access to the
> resource. This is wrong. If the user has read access to the parent
> collection and not to the resource being listed, then the user should have
> access to the creation date, last modified date and the size of the resource
> but not to the contents of the resource.
--
Dmitriy Shabanov |
Here is what I mean with an example under Mac OS X (The same thing will work under Linux):

lorens-mac:tmp lcahlander$ ls -al
total 8
drwxrwxrwt 9 root wheel 306 Aug 27 12:40 .
drwxr-xr-x@ 6 root wheel 204 Dec 10 2009 ..
-rw-r--r-- 1 lcahlander wheel 0 Aug 27 11:35 .yjp_ide51928
srwxr-xr-x 1 lcahlander wheel 0 Aug 26 23:15 icssuis501
drwx------ 3 lcahlander wheel 102 Aug 26 23:14 launch-Lk9wGt
drwx------ 3 lcahlander wheel 102 Aug 26 23:14 launch-qXSOwK
drwx------ 3 lcahlander wheel 102 Aug 26 23:14 launch-y3HLPq
drwx------ 3 lcahlander wheel 102 Aug 26 23:14 launchd-131.SHiPK0
-rwx------ 1 root wheel 36 Aug 27 12:40 noread.txt
lorens-mac:tmp lcahlander$ who am i
lcahlander ttys000 Aug 27 12:39
lorens-mac:tmp lcahlander$ cat noread.txt
cat: noread.txt: Permission denied
lorens-mac:tmp lcahlander$

You can see that I am not running as root. The listing of the contents of /tmp shows all of the metadata about the contents of /tmp, but I do not have read access to /tmp/noread.txt which is evident when I try to cat the file.

On Aug 27, 2010, at 12:28 PM, Loren Cahlander wrote:

> When I was thinking through this problem (some of it during sleeping), I was thinking that this original statement was wrong. If the user has read access to a collection, then he/she can see the listing of the collections and resources within the collection. The problem that the WebDAV client was encountering was accessing the creation date, last modified date and the size of the resource when the user does not have read access to the resource. This is wrong. If the user has read access to the parent collection and not to the resource being listed, then the user should have access to the creation date, last modified date and the size of the resource but not to the contents of the resource.
>
> In org.exist.xmldb.LocalXMLResource:
>
> The following:
>
> public Date getCreationTime() throws XMLDBException {
>     DBBroker broker = null;
>     try {
>         broker = pool.get(user);
>         DocumentImpl document = getDocument(broker, Lock.NO_LOCK);
>         if (!document.getPermissions().validate(user, Permission.READ))
>             throw new XMLDBException(ErrorCodes.PERMISSION_DENIED,
>                     "permission denied to read resource");
>         return new Date(document.getMetadata().getCreated());
>     } catch (EXistException e) {
>         throw new XMLDBException(ErrorCodes.UNKNOWN_ERROR, e.getMessage(),
>                 e);
>     } finally {
>         pool.release(broker);
>     }
> }
>
> public Date getLastModificationTime() throws XMLDBException {
>     DBBroker broker = null;
>     try {
>         broker = pool.get(user);
>         DocumentImpl document = getDocument(broker, Lock.NO_LOCK);
>         if (!document.getPermissions().validate(user, Permission.READ))
>             throw new XMLDBException(ErrorCodes.PERMISSION_DENIED,
>                     "permission denied to read resource");
>         return new Date(document.getMetadata().getLastModified());
>     } catch (EXistException e) {
>         throw new XMLDBException(ErrorCodes.UNKNOWN_ERROR, e.getMessage(),
>                 e);
>     } finally {
>         pool.release(broker);
>     }
> }
>
> /* (non-Javadoc)
>  * @see org.exist.xmldb.EXistResource#getContentLength()
>  */
> public int getContentLength() throws XMLDBException {
>     DBBroker broker = null;
>     try {
>         broker = pool.get(user);
>         DocumentImpl document = getDocument(broker, Lock.NO_LOCK);
>         if (!document.getPermissions().validate(user, Permission.READ))
>             throw new XMLDBException(ErrorCodes.PERMISSION_DENIED,
>                     "permission denied to read resource");
>         return document.getContentLength();
>     } catch (EXistException e) {
>         throw new XMLDBException(ErrorCodes.UNKNOWN_ERROR, e.getMessage(),
>                 e);
>     } finally {
>         pool.release(broker);
>     }
> }
>
> To:
>
> public Date getCreationTime() throws XMLDBException {
>     DBBroker broker = null;
>     try {
>         LocalCollection parent = (LocalCollection)getParentCollection();
>         if (!parent.getCollection().getPermissions().validate(user, Permission.READ)) {
>             throw new XMLDBException(ErrorCodes.PERMISSION_DENIED, "permission denied to read resource");
>         }
>         broker = pool.get(user);
>         DocumentImpl document = getDocument(broker, Lock.NO_LOCK);
>         return new Date(document.getMetadata().getCreated());
>     } catch (EXistException e) {
>         throw new XMLDBException(ErrorCodes.UNKNOWN_ERROR, e.getMessage(),
>                 e);
>     } finally {
>         pool.release(broker);
>     }
> }
>
> public Date getLastModificationTime() throws XMLDBException {
>     DBBroker broker = null;
>     try {
>         LocalCollection parent = (LocalCollection)getParentCollection();
>         if (!parent.getCollection().getPermissions().validate(user, Permission.READ)) {
>             throw new XMLDBException(ErrorCodes.PERMISSION_DENIED, "permission denied to read resource");
>         }
>         broker = pool.get(user);
>         DocumentImpl document = getDocument(broker, Lock.NO_LOCK);
>         return new Date(document.getMetadata().getLastModified());
>     } catch (EXistException e) {
>         throw new XMLDBException(ErrorCodes.UNKNOWN_ERROR, e.getMessage(),
>                 e);
>     } finally {
>         pool.release(broker);
>     }
> }
>
> /* (non-Javadoc)
>  * @see org.exist.xmldb.EXistResource#getContentLength()
>  */
> public int getContentLength() throws XMLDBException {
>     DBBroker broker = null;
>     try {
>         LocalCollection parent = (LocalCollection)getParentCollection();
>         if (!parent.getCollection().getPermissions().validate(user, Permission.READ)) {
>             throw new XMLDBException(ErrorCodes.PERMISSION_DENIED, "permission denied to read resource");
>         }
>         broker = pool.get(user);
>         DocumentImpl document = getDocument(broker, Lock.NO_LOCK);
>         return document.getContentLength();
>     } catch (EXistException e) {
>         throw new XMLDBException(ErrorCodes.UNKNOWN_ERROR, e.getMessage(),
>                 e);
>     } finally {
>         pool.release(broker);
>     }
> }
>
> The same problem exists in org.exist.xmldb.LocalBinaryResource. If I get the community buy-in, then I will go ahead and make this change to these two source files.
>
> This would match our documentation on permissions:
>
> http://exist-db.org/security.html#permissions
>
> Loren
>
> On Aug 26, 2010, at 04:34 PM, Loren Cahlander wrote:
>
>> Hello folks,
>>
>> I found a security hole in the XMLDB function module while trying to lock down the WebDAV access so that guest cannot see the database contents. I removed the rwu from other/world on all resources (rwurwu---) and am getting the following while trying to see http://localhost:8080/exist/webdav/db/cms as guest:
>>
>> org.exist.xquery.XPathException: Failed to retrieve creation date: permission denied to read resource [at line 56, column 36]
>> In function:
>>     f:format-dateTime(xs:dateTime) [56:18:jar:file:/home/exist/exist/exist-optional.jar!/org/exist/http/webdav/methods/collection.xq]
>>     f:display-child-resources(xs:string) [96:14:jar:file:/home/exist/exist/exist-optional.jar!/org/exist/http/webdav/methods/collection.xq]
>>
>> The content of the function in collection.xq is:
>>
>> declare function f:display-child-resources($collection as xs:string)
>> as element()* {
>>     for $child in xdb:get-child-resources($collection)
>>     order by $child
>>     return
>>         <tr>
>>             <td><a target="_new" href="{$uri}/{$child}">{$child}</a></td>
>>             <td class="perm">{xdb:permissions-to-string(xdb:get-permissions($collection, $child))}</td>
>>             <td>{xdb:get-owner($collection, $child)}</td>
>>             <td>{xdb:get-group($collection, $child)}</td>
>>             <td>{f:format-dateTime(xdb:created($collection, $child))}</td>
>>             <td>{f:format-dateTime(xdb:last-modified($collection, $child))}</td>
>>             <td>{fn:ceiling(xdb:size($collection, $child) div 1024)}</td>
>>         </tr>
>> };
>>
>> The xdb:get-child-resources($collection) should only return the resources that the current user has read access to. Here is the content of the method in org.exist.xquery.functions.xmldb.XMLDBGetChildResources
>>
>> public Sequence evalWithCollection(Collection collection, Sequence[] args, Sequence contextSequence)
>>         throws XPathException {
>>     ValueSequence result = new ValueSequence();
>>     try {
>>         String[] collections = collection.listResources();
>>         for(int i = 0; i < collections.length; i++) {
>>             //TODO: Add validating read permission against the current user
>>             result.add(new StringValue(collections[i]));
>>         }
>>         return result;
>>     } catch (XMLDBException e) {
>>         throw new XPathException(this, "Failed to retrieve child resources", e);
>>     }
>> }
>>
>> org.exist.xquery.functions.xmldb.XMLDBGetChildCollections has the same issue:
>>
>> public Sequence evalWithCollection(Collection collection, Sequence[] args, Sequence contextSequence)
>>         throws XPathException {
>>     ValueSequence result = new ValueSequence();
>>     try {
>>         String[] collections = collection.listChildCollections();
>>         for(int i = 0; i < collections.length; i++) {
>>             //TODO: Add validating read permission against the current user
>>             result.add(new StringValue(collections[i]));
>>         }
>>         return result;
>>     } catch (XMLDBException e) {
>>         throw new XPathException(this, "Failed to retrieve child collections", e);
>>     }
>> }
|
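The two listing rules and the metadata/content split argued in this thread, as an added Java sketch that is not eXist code and not part of any message. The class names (DbCollection, Permissions, Resource), the users and the sample resources are hypothetical and constructed for illustration.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.HashSet;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;

/** Toy model (not eXist code) of the access rules discussed in the thread. */
public class MetadataVsContentAccess {

    static class PermissionDenied extends RuntimeException {
        PermissionDenied(String what) { super("permission denied to read " + what); }
    }

    /** Hypothetical stand-in for a permission object: the users granted READ. */
    static class Permissions {
        private final Set<String> readers;
        Permissions(String... readers) { this.readers = new HashSet<>(Arrays.asList(readers)); }
        boolean canRead(String user) { return readers.contains(user); }
    }

    static class Resource {
        final Permissions permissions;
        final Date created;
        final String content;
        Resource(Permissions permissions, Date created, String content) {
            this.permissions = permissions;
            this.created = created;
            this.content = content;
        }
    }

    static class DbCollection {
        final Permissions permissions;
        final Map<String, Resource> resources = new LinkedHashMap<>();
        DbCollection(Permissions permissions) { this.permissions = permissions; }

        private void requireCollectionRead(String user) {
            if (!permissions.canRead(user)) throw new PermissionDenied("collection");
        }

        private Resource lookup(String name) {
            Resource r = resources.get(name);
            if (r == null) throw new IllegalArgumentException("no such resource: " + name);
            return r;
        }

        /** Rule from the follow-up mail: READ on the collection shows every child name. */
        List<String> listResources(String user) {
            requireCollectionRead(user);
            return new ArrayList<>(resources.keySet());
        }

        /** Stricter rule from the first mail (the TODO): only children the user may read. */
        List<String> listReadableResources(String user) {
            requireCollectionRead(user);
            List<String> names = new ArrayList<>();
            for (Map.Entry<String, Resource> e : resources.entrySet()) {
                if (e.getValue().permissions.canRead(user)) names.add(e.getKey());
            }
            return names;
        }

        /** Metadata is gated by the parent collection, as in the proposed "To:" methods. */
        Date getCreationTime(String user, String name) {
            requireCollectionRead(user);
            return lookup(name).created;
        }

        /** Content stays gated by the resource's own READ permission. */
        String getContent(String user, String name) {
            requireCollectionRead(user);
            Resource r = lookup(name);
            if (!r.permissions.canRead(user)) throw new PermissionDenied("resource");
            return r.content;
        }
    }

    public static void main(String[] args) {
        // Constructed sample data: guest may read the collection but not secret.xml.
        DbCollection cms = new DbCollection(new Permissions("admin", "guest"));
        cms.resources.put("index.xml",
                new Resource(new Permissions("admin", "guest"), new Date(0L), "<page/>"));
        cms.resources.put("secret.xml",
                new Resource(new Permissions("admin"), new Date(0L), "<secret/>"));

        System.out.println("listing:  " + cms.listResources("guest"));
        System.out.println("filtered: " + cms.listReadableResources("guest"));
        System.out.println("created:  " + cms.getCreationTime("guest", "secret.xml").getTime());
        try {
            cms.getContent("guest", "secret.xml");
        } catch (PermissionDenied e) {
            System.out.println("content:  " + e.getMessage());
        }

        // Without READ on the collection, even metadata is refused.
        DbCollection locked = new DbCollection(new Permissions("admin"));
        locked.resources.put("a.xml",
                new Resource(new Permissions("admin", "guest"), new Date(0L), "<a/>"));
        try {
            locked.getCreationTime("guest", "a.xml");
        } catch (PermissionDenied e) {
            System.out.println("locked:   " + e.getMessage());
        }
    }
}
```

Under the follow-up rule, guest still learns that secret.xml exists and when it was created; the filtered listing hides even the name, which is the stricter behaviour the first mail asked for.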
When I was thinking through this problem (some of it during sleeping), I was thinking that this original statement was wrong. If the user has read access to a collection, then he/she can see the listing of the collections and resources within the collection.

The problem that the WebDAV client was encountering was accessing the creation date, last modified date and the size of the resource when the user does not have read access to the resource. This is wrong. If the user has read access to the parent collection and not to the resource being listed, then the user should have access to the creation date, last modified date and the size of the resource but not to the contents of the resource.

In org.exist.xmldb.LocalXMLResource:

The following:

    public Date getCreationTime() throws XMLDBException {
        DBBroker broker = null;
        try {
            broker = pool.get(user);
            DocumentImpl document = getDocument(broker, Lock.NO_LOCK);
            if (!document.getPermissions().validate(user, Permission.READ))
                throw new XMLDBException(ErrorCodes.PERMISSION_DENIED, "permission denied to read resource");
            return new Date(document.getMetadata().getCreated());
        } catch (EXistException e) {
            throw new XMLDBException(ErrorCodes.UNKNOWN_ERROR, e.getMessage(), e);
        } finally {
            pool.release(broker);
        }
    }

    public Date getLastModificationTime() throws XMLDBException {
        DBBroker broker = null;
        try {
            broker = pool.get(user);
            DocumentImpl document = getDocument(broker, Lock.NO_LOCK);
            if (!document.getPermissions().validate(user, Permission.READ))
                throw new XMLDBException(ErrorCodes.PERMISSION_DENIED, "permission denied to read resource");
            return new Date(document.getMetadata().getLastModified());
        } catch (EXistException e) {
            throw new XMLDBException(ErrorCodes.UNKNOWN_ERROR, e.getMessage(), e);
        } finally {
            pool.release(broker);
        }
    }

    /* (non-Javadoc)
     * @see org.exist.xmldb.EXistResource#getContentLength()
     */
    public int getContentLength() throws XMLDBException {
        DBBroker broker = null;
        try {
            broker = pool.get(user);
            DocumentImpl document = getDocument(broker, Lock.NO_LOCK);
            if (!document.getPermissions().validate(user, Permission.READ))
                throw new XMLDBException(ErrorCodes.PERMISSION_DENIED, "permission denied to read resource");
            return document.getContentLength();
        } catch (EXistException e) {
            throw new XMLDBException(ErrorCodes.UNKNOWN_ERROR, e.getMessage(), e);
        } finally {
            pool.release(broker);
        }
    }

To:

    public Date getCreationTime() throws XMLDBException {
        DBBroker broker = null;
        try {
            LocalCollection parent = (LocalCollection)getParentCollection();
            if (!parent.getCollection().getPermissions().validate(user, Permission.READ)) {
                throw new XMLDBException(ErrorCodes.PERMISSION_DENIED, "permission denied to read resource");
            }
            broker = pool.get(user);
            DocumentImpl document = getDocument(broker, Lock.NO_LOCK);
            return new Date(document.getMetadata().getCreated());
        } catch (EXistException e) {
            throw new XMLDBException(ErrorCodes.UNKNOWN_ERROR, e.getMessage(), e);
        } finally {
            pool.release(broker);
        }
    }

    public Date getLastModificationTime() throws XMLDBException {
        DBBroker broker = null;
        try {
            LocalCollection parent = (LocalCollection)getParentCollection();
            if (!parent.getCollection().getPermissions().validate(user, Permission.READ)) {
                throw new XMLDBException(ErrorCodes.PERMISSION_DENIED, "permission denied to read resource");
            }
            broker = pool.get(user);
            DocumentImpl document = getDocument(broker, Lock.NO_LOCK);
            return new Date(document.getMetadata().getLastModified());
        } catch (EXistException e) {
            throw new XMLDBException(ErrorCodes.UNKNOWN_ERROR, e.getMessage(), e);
        } finally {
            pool.release(broker);
        }
    }

    /* (non-Javadoc)
     * @see org.exist.xmldb.EXistResource#getContentLength()
     */
    public int getContentLength() throws XMLDBException {
        DBBroker broker = null;
        try {
            LocalCollection parent = (LocalCollection)getParentCollection();
            if (!parent.getCollection().getPermissions().validate(user, Permission.READ)) {
                throw new XMLDBException(ErrorCodes.PERMISSION_DENIED, "permission denied to read resource");
            }
            broker = pool.get(user);
            DocumentImpl document = getDocument(broker, Lock.NO_LOCK);
            return document.getContentLength();
        } catch (EXistException e) {
            throw new XMLDBException(ErrorCodes.UNKNOWN_ERROR, e.getMessage(), e);
        } finally {
            pool.release(broker);
        }
    }

The same problem exists in org.exist.xmldb.LocalBinaryResource.

If I get the community buy-in, then I will go ahead and make this change to these two source files. This would match our documentation on permissions: http://exist-db.org/security.html#permissions

Loren

On Aug 26, 2010, at 04:34 PM, Loren Cahlander wrote:

> Hello folks,
>
> I found a security hole in the XMLDB function module while trying to lock down the WebDAV access so that guest cannot see the database contents. I removed the rwu from other/world on all resources (rwurwu---) and am getting the following while trying to see http://localhost:8080/exist/webdav/db/cms as guest:
>
>
>
> org.exist.xquery.XPathException: Failed to retrieve creation date: permission denied to read resource [at line 56, column 36]
> In function:
> f:format-dateTime(xs:dateTime) [56:18:jar:file:/home/exist/exist/exist-optional.jar!/org/exist/http/webdav/methods/collection.xq]
> f:display-child-resources(xs:string) [96:14:jar:file:/home/exist/exist/exist-optional.jar!/org/exist/http/webdav/methods/collection.xq]
>
>
> The content of the function in collection.xq is:
>
> declare function f:display-child-resources($collection as xs:string)
> as element()* {
>     for $child in xdb:get-child-resources($collection)
>     order by $child
>     return
>         <tr>
>             <td><a target="_new" href="{$uri}/{$child}">{$child}</a></td>
>             <td class="perm">{xdb:permissions-to-string(xdb:get-permissions($collection, $child))}</td>
>             <td>{xdb:get-owner($collection, $child)}</td>
>             <td>{xdb:get-group($collection, $child)}</td>
>             <td>{f:format-dateTime(xdb:created($collection, $child))}</td>
>             <td>{f:format-dateTime(xdb:last-modified($collection, $child))}</td>
>             <td>{fn:ceiling(xdb:size($collection, $child) div 1024)}</td>
>         </tr>
> };
>
> The xdb:get-child-resources($collection) should only return the resources that the current user has read access to. Here is the content of the method in org.exist.xquery.functions.xmldb.XMLDBGetChildResources
>
> public Sequence evalWithCollection(Collection collection, Sequence[] args, Sequence contextSequence)
>     throws XPathException {
>     ValueSequence result = new ValueSequence();
>     try {
>         String[] collections = collection.listResources();
>         for(int i = 0; i < collections.length; i++) {
>             //TODO: Add validating read permission against the current user
>             result.add(new StringValue(collections[i]));
>         }
>         return result;
>     } catch (XMLDBException e) {
>         throw new XPathException(this, "Failed to retrieve child resources", e);
>     }
> }
>
> org.exist.xquery.functions.xmldb.XMLDBGetChildCollections has the same issue:
>
> public Sequence evalWithCollection(Collection collection, Sequence[] args, Sequence contextSequence)
>     throws XPathException {
>
>     ValueSequence result = new ValueSequence();
>     try {
>         String[] collections = collection.listChildCollections();
>         for(int i = 0; i < collections.length; i++) {
>             //TODO: Add validating read permission against the current user
>             result.add(new StringValue(collections[i]));
>         }
>         return result;
>     } catch (XMLDBException e) {
>         throw new XPathException(this, "Failed to retrieve child collections", e);
>     }
> }
>
|
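Added example, not part of the thread and not eXist code: a self-contained Java model of the two access rules discussed in the message above, the per-resource read filter from the TODO comments and the proposal to gate metadata on READ of the parent collection. Subject, Node and all method names are hypothetical, and the users, groups, sizes and the /db/private path are constructed sample data.

```java
import java.util.List;
import java.util.Set;

// Toy model, Java 16+. Subject, Node and the methods are hypothetical, not eXist classes.
public class CollectionReadDemo {
    record Subject(String name, Set<String> groups) {}

    // mode is a permission string in the style quoted in the thread, e.g. "rwurwu---"
    // (owner, group, other; r = read, w = write, u = update).
    record Node(String name, String owner, String group, String mode, long size) {
        boolean canRead(Subject s) {
            int triple = s.name().equals(owner) ? 0 : s.groups().contains(group) ? 3 : 6;
            return mode.charAt(triple) == 'r';
        }
    }

    // Rule proposed in the message: metadata needs READ on the parent collection only.
    static long sizeOf(Subject s, Node parent, Node resource) {
        if (!parent.canRead(s)) throw new SecurityException("permission denied to read collection");
        return resource.size();
    }

    // Content is still gated by READ on the resource itself.
    static String contentOf(Subject s, Node resource) {
        if (!resource.canRead(s)) throw new SecurityException("permission denied to read resource");
        return "<content of " + resource.name() + ">";
    }

    // Stricter listing from the TODO comments: return only names the caller can read.
    static List<String> listReadable(Subject s, Node parent, List<Node> children) {
        if (!parent.canRead(s)) throw new SecurityException("permission denied to read collection");
        return children.stream().filter(c -> c.canRead(s)).map(Node::name).sorted().toList();
    }

    public static void main(String[] args) {
        Subject guest = new Subject("guest", Set.of("guest"));
        Node cms = new Node("/db/cms", "admin", "dba", "rwurwur--", 0);      // constructed sample
        Node locked = new Node("/db/private", "admin", "dba", "rwurwu---", 0);
        List<Node> children = List.of(
            new Node("index.xml", "admin", "dba", "rwurwur--", 2048),
            new Node("draft.xml", "admin", "dba", "rwurwu---", 5120));

        System.out.println("readable names: " + listReadable(guest, cms, children));
        System.out.println("draft.xml size: " + sizeOf(guest, cms, children.get(1)));
        try { contentOf(guest, children.get(1)); }
        catch (SecurityException e) { System.out.println("draft.xml content: " + e.getMessage()); }
        try { sizeOf(guest, locked, children.get(1)); }
        catch (SecurityException e) { System.out.println("locked collection: " + e.getMessage()); }
    }
}
```

Under the parent-collection rule, the name, size and timestamps of a resource stay visible to anyone who can read the collection, so hiding them from guest means removing other/world read on the collection itself, not only on the resources.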
From: James F. <jam...@ex...> - 2010-08-26 08:41:34
|
Hello Committers,

Before we widely announce package repository and start communicating out to wider group about its capabilities we have a few things left to address:

* need to create classloader to dynamically load stuff so we avoid the current constraint of having to restart eXistdb ... I am a little unsure of where to start with this effort, there are a few routes to achieve this and I know that Dmitry and Adam have voiced their willingness to pitch in on this, but I guess what I am saying is I could use some direction/hints and opinions of the best way to achieve this

* set up master Public repository ('the eXistdb App store') under a cool domain like repo.exist.sourceforge.net, we can use demo server for this but we will need to refresh/rebuild it to latest trunk and set access rights so we can upload packages

* probably need to test and tweak application packages (myapp-0.1.xar is an example of this) ... there may be a trivial mimetype issue at the moment, but have not had time to test

I could also do with someone assisting in creating new packages ... it's real simple and the more people who know how to create packages the better. Just check out the repo docs and view the webapp/repo/packages directory for examples; it's very straightforward.

I have committed package distros to the webapp/repo/packages directory for the interim whilst we develop and use targets in extensions/modules/build.xml to zip them up. I have also committed the .xar packages themselves to webapp/repo/packages for convenience but we probably want to remove these at some point.

Some examples of packages that need to be created are:

* packaging up and test all eXistdb examples
* packaging up and test existing 3rd party extensions (math-0.1.xar is an example of this)
* packaging up and test stable 3rd party libraries (e.g. functx-1.0.xar is an example of this)

It's important to have the master Public repository launch with a good stable set of packages.

We will also need to set up a review process of .xar packages that people want to have included in the 'eXist app store' (aka master Public repository) ;)

that's all for now

James Fuller
|
From: Dmitriy S. <sha...@gm...> - 2010-08-26 04:30:32
|
On Wed, 2010-08-25 at 17:05 -0400, Andrzej Jan Taramina wrote:
> On 08/22/2010 01:51 PM, Dmitriy Shabanov wrote:
>
> > TODO:
> > 1. fix backup restore, automatic /db/system/users.xml migration question
> > 2. principal delete procedure
> > 3. make sure that old clients will work with new API, as example oXygen
> > with old libs
> > 4. stabilization
> >
> > This week I plan to finish refactoring & next LDAP & AD realms (hope,
> > till September)
>
> Does the refactoring include items 1, 4 and maybe 3 on your Todo list?
>
> I'm really anxious for 1 and 4 to be completed, before you tackle other realms like LDAP and AD....

I did finish coding #1; the only problem is the collection's configuration get method, it has a restriction on '/db/system'. Analyzing how to change it.

#4 is the question of more tests.

--
Cheers,

Dmitriy Shabanov
|
From: Andrzej J. T. <an...@ch...> - 2010-08-25 21:05:54
|
On 08/22/2010 01:51 PM, Dmitriy Shabanov wrote:

> TODO:
> 1. fix backup restore, automatic /db/system/users.xml migration question
> 2. principal delete procedure
> 3. make sure that old clients will work with new API, as example oXygen
> with old libs
> 4. stabilization
>
> This week I plan to finish refactoring & next LDAP & AD realms (hope,
> till September)

Does the refactoring include items 1, 4 and maybe 3 on your Todo list?

I'm really anxious for 1 and 4 to be completed, before you tackle other realms like LDAP and AD....

--
Andrzej Taramina
Chaeron Corporation: Enterprise System Solutions
http://www.chaeron.com
|