[MAGNOLIA-2399] Make acl nodes read only for user
Created: 29/Sep/08  Updated: 19/Dec/16  Resolved: 04/Nov/15

Status: Closed
Project: Magnolia
Component/s: admininterface, security
Affects Version/s: None
Fix Version/s: None

Type: Improvement
Priority: Major
Reporter: Jan Haderka
Assignee: Philipp Bärfuss
Resolution: Won't Do
Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Cloners
clones MAGNOLIA-2388 Easy privilege escalation from user p... Closed
relation
is related to MAGNOLIA-2400 Split Roles/Groups assignment from Us... Closed

 Description   

While this is not exposed via UI anywhere, it would be definitely safer to have user rights to their own ACLs limited.



 Comments   
Comment by Magnolia International [ 16/Feb/09 ]

"While this is not exposed via UI anywhere"

Well, isn't it exposed via the user edit/preferences dialog?

Comment by Jan Haderka [ 24/Feb/09 ]

"Well, isn't it exposed via the user edit/preferences dialog?"

Not this particular aspect. A user can't abuse this via the user preferences dialog, as (s)he can only select the roles/groups (s)he can already see. But if a user were somehow to gain direct access to the workspace, and knew or guessed other existing roles or groups, it would be possible for such a user to gain extra access rights by adding fake entries for such a role/group. This is, however, not possible at the moment without creating and registering a special tree exposing the users workspace and supporting arbitrary node creation. To set it up you would have to have admin privileges already, hence you would have no need to set such a thing up in the first place. Still, it would be safer if ACLs were not stored under the users directly and any kind of write access from the users themselves to ACLs could be restricted.

Comment by Michael Mühlebach [ 04/Nov/15 ]

Given the thousands of other issues we have open that are more highly requested, we won't be able to address this issue in the foreseeable future. Instead we will focus on issues with a higher impact, and more votes.
Thanks for taking the time to raise this issue. As you are no doubt aware this issue has been on our backlog for some time now with very little movement.
I'm going to close this to set expectations so the issue doesn't stay open for years with few updates. If the issue is still relevant please feel free to reopen it or create a new issue.

Generated at Mon Feb 12 03:36:20 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.