Mercurial > p > roundup > code
comparison doc/security.txt @ 1089:43ab730ee194
instance -> tracker, node -> item
| author | Richard Jones <richard@users.sourceforge.net> |
|---|---|
| date | Tue, 10 Sep 2002 00:15:59 +0000 |
| parents | 299f4890427d |
| children |
comparison
equal
deleted
inserted
replaced
| 1088:32e41ddf2edb | 1089:43ab730ee194 |
|---|---|
| 1 =================== | 1 =================== |
| 2 Security Mechanisms | 2 Security Mechanisms |
| 3 =================== | 3 =================== |
| 4 | 4 |
| 5 :Version: $Revision: 1.15 $ | 5 :Version: $Revision: 1.16 $ |
| 6 | 6 |
| 7 Current situation | 7 Current situation |
| 8 ================= | 8 ================= |
| 9 | 9 |
| 10 Current logical controls: | 10 Current logical controls: |
| 49 Possible approaches | 49 Possible approaches |
| 50 =================== | 50 =================== |
| 51 | 51 |
| 52 Security controls in Roundup could be approached in three ways: | 52 Security controls in Roundup could be approached in three ways: |
| 53 | 53 |
| 54 1) at the hyperdb level, with read/write/modify permissions on classes, nodes | 54 1) at the hyperdb level, with read/write/modify permissions on classes, items |
| 55 and node properties for all or specific transitions. | 55 and item properties for all or specific transitions. |
| 56 2) at the user interface level, with access permissions on CGI interface | 56 2) at the user interface level, with access permissions on CGI interface |
| 57 methods, mailgw methods, roundup-admin methods, and so on. | 57 methods, mailgw methods, roundup-admin methods, and so on. |
| 58 3) at a logical permission level, checked as needed. | 58 3) at a logical permission level, checked as needed. |
| 59 | 59 |
| 60 In all cases, the security built into roundup assumes restricted access to the | 60 In all cases, the security built into roundup assumes restricted access to the |
| 64 | 64 |
| 65 Hyperdb-level control | 65 Hyperdb-level control |
| 66 --------------------- | 66 --------------------- |
| 67 | 67 |
| 68 Control is implemented at the Class.get, Class.set and Class.create level. All | 68 Control is implemented at the Class.get, Class.set and Class.create level. All |
| 69 other methods must access nodes through these methods. Since all accesses go | 69 other methods must access items through these methods. Since all accesses go |
| 70 through the database, we can implement deny by default. | 70 through the database, we can implement deny by default. |
| 71 | 71 |
| 72 Pros: | 72 Pros: |
| 73 | 73 |
| 74 - easier to implement as it only affects one module | 74 - easier to implement as it only affects one module |
| 77 Cons: | 77 Cons: |
| 78 | 78 |
| 79 - harder to determine the relationship between user interaction and hyperdb | 79 - harder to determine the relationship between user interaction and hyperdb |
| 80 permission. | 80 permission. |
| 81 - a lot of work to define | 81 - a lot of work to define |
| 82 - must special-case to handle by-node permissions (editing user details, | 82 - must special-case to handle by-item permissions (editing user details, |
| 83 having private messages) | 83 having private messages) |
| 84 | 84 |
| 85 | 85 |
| 86 User-interface control | 86 User-interface control |
| 87 ---------------------- | 87 ---------------------- |