comparison doc/security.txt @ 875:d19dd123bda2
just some formatting and a minor clarification.
| author | Richard Jones <richard@users.sourceforge.net> |
|---|---|
| date | Wed, 17 Jul 2002 21:44:14 +0000 |
| parents | a4ab8fdf83a2 |
| children | 2ccfd7fa0099 |
| 874:b9da8729d8ff | 875:d19dd123bda2 |
|---|---|
| 1 =================== | 1 =================== |
| 2 Security Mechanisms | 2 Security Mechanisms |
| 3 =================== | 3 =================== |
| 4 | 4 |
| 5 :Version: $Revision: 1.8 $ | 5 :Version: $Revision: 1.9 $ |
| 6 | 6 |
| 7 Current situation | 7 Current situation |
| 8 ================= | 8 ================= |
| 9 | 9 |
| 10 Current logical controls: | 10 Current logical controls: |
| 258 </permission> | 258 </permission> |
| 259 | 259 |
| 260 where the require attribute gives a comma-separated list of permission names | 260 where the require attribute gives a comma-separated list of permission names |
| 261 which are required, and the node attribute gives a comma-separated list of | 261 which are required, and the node attribute gives a comma-separated list of |
| 262 node properties whose value must match the current user's id. Either of these | 262 node properties whose value must match the current user's id. Either of these |
| 263 tests must pass or the permission check will fail. | 263 tests must pass or the permission check will fail. The section of html within |
| 264 the side of the ``<else>`` that fails is remove from processing. | |
| 264 | 265 |
| 265 | 266 |
| 266 Authentication of Users | 267 Authentication of Users |
| 267 ----------------------- | 268 ----------------------- |
| 268 | 269 |
| 284 - authenticate over a secure connection | 285 - authenticate over a secure connection |
| 285 - use unique tokens as a result of authentication, rather than pass the user's | 286 - use unique tokens as a result of authentication, rather than pass the user's |
| 286 real credentials (username/password) around for each request (this means | 287 real credentials (username/password) around for each request (this means |
| 287 sessions and hence a session database) | 288 sessions and hence a session database) |
| 288 - use the new logical control mechanisms | 289 - use the new logical control mechanisms |
| 290 | |
| 289 - implement the permission module | 291 - implement the permission module |
| 290 - implement a Role editing interface for users | 292 - implement a Role editing interface for users |
| 291 - implement htmltemplate tests on permissions | 293 - implement htmltemplate tests on permissions |
| 292 - switch all code over from using config vars for permission checks to using | 294 - switch all code over from using config vars for permission checks to using |
| 293 permissions | 295 permissions |
| 296 | 298 |
| 297 The mail gateway must be changed to: | 299 The mail gateway must be changed to: |
| 298 | 300 |
| 299 - use digital signatures | 301 - use digital signatures |
| 300 - use the new logical control mechanisms | 302 - use the new logical control mechanisms |
| 303 | |
| 301 - switch all code over from using config vars for permission checks to using | 304 - switch all code over from using config vars for permission checks to using |
| 302 permissions | 305 permissions |
| 303 | 306 |
| 304 The command-line tool must be changed to: | 307 The command-line tool must be changed to: |
| 305 | 308 |
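
Review bot: the sentence added at new lines 263-264 ends "is remove from processing", which should read "is removed from processing", and "html" would be better written "HTML". The phrase "the side of the ``<else>`` that fails" is also hard to parse. It would be clearer to state each case separately: which part of the markup is kept when the check passes and which part is kept when it fails. The unchanged sentence just before it, "Either of these tests must pass or the permission check will fail", could be tightened in the same pass to "at least one of these tests must pass", if that is the intended rule.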
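
Review bot: the blank lines inserted at new lines 290 and 303 each fall in the middle of a bullet list, directly after "- use the new logical control mechanisms", while the other items in both lists stay unseparated. In reStructuredText a blank line between items does not end a bullet list, so if the aim is to separate two groups of items, the rendered output will still show one list. An intervening sentence or sub-heading would make the split visible. Otherwise drop the two blank lines so the spacing stays consistent.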
