[MAGNOLIA-5503] Investigate whether it is possible to completely deny the write access to users workspace for the anonymous user Created: 19/Nov/13  Updated: 19/May/22  Resolved: 19/May/22

Status: Closed
Project: Magnolia
Component/s: security
Affects Version/s: 5.1.2, 5.2
Fix Version/s: None

Type: Task Priority: Neutral
Reporter: Jozef Chocholacek Assignee: Unassigned
Resolution: Won't Do Votes: 0
Labels: next
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Relates
Template:
Acceptance criteria:
Empty
Task DoR:
Empty
Date of First Response:

 Description   

Although the anonymous user's permissions on the users workspace have been reduced in MAGNOLIA-5405, the write (more precisely Permission.ALL) access is still set for /system/anonymous/[email|language|pswd|title|lastaccess] paths.

Wouldn't it be possible to reduce these permissions to READ, or to eliminate them completely?



 Comments   
Comment by Roman Kovařík [ 19/May/22 ]

Hello,

This ticket is now marked as closed due to one of the following reasons:

  • A long period of inactivity
  • Uses an old or Beta version of an application, module, or framework that we no longer support
  • The issue is no longer reproducible or has been fixed in later versions

If you are still facing a problem or consider this issue still relevant, please feel free to re-open the ticket and we will reach out to you.

Thank you,
The Magnolia Team

Generated at Mon Feb 12 04:05:45 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.