Skip to content
This repository has been archived by the owner. It is now read-only.

Invalid principal URIs should not be accepted in ACLs #166

Closed
macosforgebot opened this issue Nov 7, 2007 · 6 comments
Closed

Invalid principal URIs should not be accepted in ACLs #166

macosforgebot opened this issue Nov 7, 2007 · 6 comments

Comments

@macosforgebot
Copy link

@macosforgebot macosforgebot commented Nov 7, 2007

strauss@… originally submitted this as ticket:201


Currently, principal URIs other than /principals/__uids__/*, e.g. /principals/users/frank/ are accepted and stored as principals in ACL operations, although access control is not based on such other URIs. Hence, it would be better, if the server would return an error upon such ACL operations.

This has been observed on trunk revision 1975 and tested with a Mulberry client.

@macosforgebot
Copy link
Author

@macosforgebot macosforgebot commented Jan 23, 2008

@wsanchez originally submitted this as comment:1:⁠ticket:201

  • Owner changed from @wsanchez to @cyrusdaboo
  • Priority changed from 4: Nice to have to 2: Expected
  • Severity changed from Other to Security
  • Milestone set to 1.2

Yeah, that's bad.

@macosforgebot
Copy link
Author

@macosforgebot macosforgebot commented Mar 10, 2008

@wsanchez originally submitted this as comment:2:⁠ticket:201

  • Milestone changed from 1.2 to 1.3
@macosforgebot
Copy link
Author

@macosforgebot macosforgebot commented Oct 28, 2008

@wsanchez originally submitted this as comment:3:⁠ticket:201

  • Milestone changed from CalendarServer-1.3 to CalendarServer-2.0
@macosforgebot
Copy link
Author

@macosforgebot macosforgebot commented Mar 26, 2009

@wsanchez originally submitted this as comment:4:⁠ticket:201

  • Milestone changed from CalendarServer-2.2 to CalendarServer-2.x
@macosforgebot
Copy link
Author

@macosforgebot macosforgebot commented Feb 25, 2010

@wsanchez originally submitted this as comment:5:⁠ticket:201

  • Milestone changed from CalendarServer-2.x to Later

We may be able to get rid of our uses of the ACL method soonish, which makes this not so urgent.

@macosforgebot
Copy link
Author

@macosforgebot macosforgebot commented Jan 24, 2013

@wsanchez originally submitted this as comment:11:⁠ticket:201

  • Status changed from new to closed
  • Resolution set to Not to be fixed

Setting ACLs over the wire should no longer be supported.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
3 participants
You can’t perform that action at this time.