Re: [Exist-development] [Exist-commits] SF.net SVN: exist:[12607] trunk/eXist/src/org/exist/xmldb

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

On Sun, 2010-08-29 at 15:43 -0500, Loren Cahlander wrote:
> You need read access to the parent collection to get to the resource
> at all.  It is redundant to check the read permission of the parent
> collection.

Please, check collection constructions, there are no security checks!

There is also should be check on methods like 'createResource'.

-- 
Cheers,

Dmitriy Shabanov

Re: [Exist-development] [Exist-commits] SF.net SVN: exist:[12607] trunk/eXist/src/org/exist/xmldb

eXist-db is a feature rich Open Source native XML database

Re: [Exist-development] [Exist-commits] SF.net SVN: exist:[12607] trunk/eXist/src/org/exist/xmldb