Uploaded image for project: 'Magnolia'
  1. Magnolia
  2. MAGNOLIA-5503

Investigate whether it is possible to completely deny the write access to users workspace for the anonymous user

    XMLWordPrintable

Details

    • Task
    • Resolution: Won't Do
    • Neutral
    • None
    • 5.1.2, 5.2
    • security

    Description

      Although the anonymous user's permissions on the users workspace have been reduced in MAGNOLIA-5405, the write (more precisely Permission.ALL) access is still set for /system/anonymous/[email|language|pswd|title|lastaccess] paths.

      Wouldn't it be possible to reduce these permissions to READ, or to eliminate them completely?

      Checklists

        Acceptance criteria

        Attachments

          Activity

            People

              Unassigned Unassigned
              jchocholacek Jozef Chocholacek
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Checklists

                  Task DoR