Posted to oak-issues@jackrabbit.apache.org by "Jukka Zitting (JIRA)" <ji...@apache.org> on 2013/11/01 18:31:17 UTC

[jira] [Created] (OAK-1140) SecureNodeBuilder should use the base state for the security context

Jukka Zitting created OAK-1140:
----------------------------------

             Summary: SecureNodeBuilder should use the base state for the security context
                 Key: OAK-1140
                 URL: https://issues.apache.org/jira/browse/OAK-1140
             Project: Jackrabbit Oak
          Issue Type: Bug
          Components: core
    Affects Versions: 0.10
            Reporter: Jukka Zitting


Currently the SecureNodeBuilder uses the current state that includes all transient changes when constructing the SecurityContext after a refresh.

This is potentially troublesome, as we generally don't enforce write access controls on transient changes (they're only checked during save), and it might therefore be possible for a client to transiently modify the permissions and thus gain access to content that would otherwise be read-protected.

To avoid worrying about such cases the SecureNodeBuilder should always use the base state (i.e. no transient modifications) for the SecurityContext.



--
This message was sent by Atlassian JIRA
(v6.1#6144)
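
A toy model of the difference the issue describes, added here as an illustration and not Oak code: `ToyBuilder`, `canRead`, the path and the principal names are hypothetical. It takes the same read decision once from the current state (base plus unsaved changes) and once from the base state.

```java
import java.util.HashMap;
import java.util.Map;
import java.util.Set;

// Toy model, not Oak code: a "state" maps a path to the principals allowed to read it.
public class BaseStateContextDemo {

    /** Hypothetical stand-in for a builder holding a base state plus unsaved changes. */
    static final class ToyBuilder {
        private final Map<String, Set<String>> base;                            // last persisted state
        private final Map<String, Set<String>> transientAcl = new HashMap<>();  // unsaved edits

        ToyBuilder(Map<String, Set<String>> base) { this.base = Map.copyOf(base); }

        // No write check here: as in the report, write access is only enforced on save.
        void setReaders(String path, Set<String> readers) {
            transientAcl.put(path, Set.copyOf(readers));
        }

        Map<String, Set<String>> baseState() { return base; }

        Map<String, Set<String>> currentState() {
            Map<String, Set<String>> merged = new HashMap<>(base);
            merged.putAll(transientAcl);  // transient changes shadow the persisted ones
            return merged;
        }
    }

    /** Hypothetical stand-in for a security context: read decisions taken from one state. */
    static boolean canRead(Map<String, Set<String>> permissionSource, String principal, String path) {
        return permissionSource.getOrDefault(path, Set.of()).contains(principal);
    }

    public static void main(String[] args) {
        // Constructed sample data: only "admin" may read /secret in the persisted state.
        ToyBuilder builder = new ToyBuilder(Map.of("/secret", Set.of("admin")));
        builder.setReaders("/secret", Set.of("admin", "guest"));  // unsaved permission edit

        boolean fromCurrent = canRead(builder.currentState(), "guest", "/secret");
        boolean fromBase = canRead(builder.baseState(), "guest", "/secret");

        System.out.println("context built from current state grants read: " + fromCurrent);
        System.out.println("context built from base state grants read:    " + fromBase);
        if (!fromCurrent || fromBase) throw new AssertionError("model does not match the report");
    }
}
```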