Menu
▾
▴
Re: [Exist-development] Confused about permissions and defaults for XQuery files
|
From: Adam R. <ad...@ex...> - 2011-10-18 13:16:36
|
On 18 October 2011 12:36, Chris Tomlinson <chr...@gm...> wrote: > > On Oct 18, 2011, at 4:53 PM, Adam Retter wrote: > > On Oct 18, 2011 10:06 AM, "Chris Tomlinson" <chr...@gm...> > wrote: >> >> Adam, >> >> 1) So if I understand correctly then there is no longer any default >> permissions feature any where, including in the collection.xconf files for >> various collections. Is this correct? It seems contrary to the portion of >> the thread with Dmitriy so you'll appreciate my confusion. > > Yes that is correct. I am not sure what Dmitriy is describing. > >> 2) What is the security issue? Incorrect admin of the DB is always an >> opportunity for problems: performance, security and so on. It seems to me >> that removing the ability to provide a default set of permissions some how - >> on a collection or on a per user basis or whatever - is a significant >> reduction in functionality in order to keep some DB admins from shooting >> themselves in the foot so to speak. This means to me that eXist is now >> enforcing a particular policy rather than providing mechanism. > > This is an interesting argument and one that I am not deaf to. However I > would like to know if there is a known mechanism in Unix for this? > > Well there's umask which has been used for this purpose in user's .profile > or equivalent. > > My approach would be permissions inheritance through our new acl's. > Inheritance is not ready yet though. > >> 3) Setting permissions after upload is an additional step that is not >> supported by the admin.xq and that is poorly supported by the java admin GUI >> since for large collections (1000s of files) remotely one has to list the >> entire collection contents before being able to then use the GUI panel for >> permissions. The command line on a headless server works with less >> performance issue but doesn't seem to support any wildcarding or other >> method of selecting multiple files / collections for the chmod to affect. > > Your best option would be to run a small xquery that uses the sm:chmod > function. > > have xmldb:set-resource-permissions and xmldb:set-collection-permissions > been deleted? They are not deleted, more deprecated. The Security Manager module (sm:) should be considered the place to do anything with security in the future. >> >> Chris >> >> >> On Oct 18, 2011, at 2:21 PM, Adam Retter wrote: >> >>> >>> On Oct 18, 2011 6:16 AM, "Chris Tomlinson" <chr...@gm...> >>> wrote: >>> > >>> > Hello, >>> > >>> > I'm looking into some issues surrounding permissions management in >>> > current trunk and am trying to make sure I understand what is intended and >>> > what is implemented in this area. I ran across this post of yours from 3 >>> > months ago and I wanted to know the status in this area is or whether it has >>> > been reconsidered. >>> >>> No the plan is still in progress. >>> >>> > In looking at org.exist.security.Permission.java it looks like it >>> > hasn't been worked on since 4 Aug and the "update" nomenclature is still in >>> > place and used in org.exist.security.AbstractUnixStylePermission.java which >>> > hasn't been worked on for even longer. >>> > >>> > Trunk certainly still interprets the "u" perm as indicating that the >>> > file is updatable or not (versus deletable "w") and throws an error in the >>> > event that a user attempts to update and that flag isn't set for the user, >>> > group or other as appropriate. >>> > >>> > Is this the behavior we can expect as trunk morphs into 1.6 or are >>> > there more changes on the way for org.exist.security? >>> > >>> >>> A few more changes to come. Other priorities got in the way. But its top >>> of my list again. >>> >>> > I also seem to not understand the semantics of the <db-connection/> >>> > <default-permissions collection="0774" resource="0774" /> in the conf.xml >>> > file. I have the above set in the conf.xml on trunk rev 15412 and it doesn't >>> > seem to make any difference. For example, when I upload a file via the >>> > http://localhost:8080/exist/admin/admin.xql > Browse collections interface I >>> > get permissions: "rw-r--r--" rather than "rwuruwr--" which I would have >>> > expected. The same is true when running java client from the command line. >>> >>> Default permissions have been removed as a security concern. >>> >>> > We have need of being able to upload files and the resulting >>> > permissions need to be "rwuruwr--" by default. How do we achieve this via >>> > the admin.xql or the command line client? >>> >>> You can set perms after upload... >>> >>> > Thanks, >>> > Chris >>> > >>> > >>> > On Jul 7, 2011, at 12:33 PM, Wolfgang Meier wrote: >>> > >>> > >> #1: Why does my controller.xql file need guest update permissions >>> > >> for >>> > >> regular web browsing? >>> > > >>> > > For XQuery resources, the permission flags are now interpreted as rwx >>> > > instead of the old rwu. We're in the process of changing this >>> > > everywhere. The documentation is a bit behind. >>> > > >>> > > Wolfgang >>> > > >>> > > >>> > > ------------------------------------------------------------------------------ >>> > > All of the data generated in your IT infrastructure is seriously >>> > > valuable. >>> > > Why? It contains a definitive record of application performance, >>> > > security >>> > > threats, fraudulent activity, and more. Splunk takes this data and >>> > > makes >>> > > sense of it. IT sense. And common sense. >>> > > http://p.sf.net/sfu/splunk-d2d-c2 >>> > > _______________________________________________ >>> > > Exist-open mailing list >>> > > Exi...@li... >>> > > https://lists.sourceforge.net/lists/listinfo/exist-open >>> > >>> > >>> > >>> > ------------------------------------------------------------------------------ >>> > All the data continuously generated in your IT infrastructure contains >>> > a >>> > definitive record of customers, application performance, security >>> > threats, fraudulent activity and more. Splunk takes this data and makes >>> > sense of it. Business sense. IT sense. Common sense. >>> > http://p.sf.net/sfu/splunk-d2d-oct >>> > _______________________________________________ >>> > Exist-development mailing list >>> > Exi...@li... >>> > https://lists.sourceforge.net/lists/listinfo/exist-development >> >> > > -- Adam Retter eXist Developer { United Kingdom } ad...@ex... irc://irc.freenode.net/existdb |
