Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
bcommand: BVFS should check for ACLs.
BVFS has pretty bad ideas on security it allows the end user to specify any set of JobIds without checking ACLs next to that is allows you to specify any client without checking access and it also allows filesets to be browsed that may not be part of your ACLs. This patch tries to make things more secure by filtering the JobIds you can supply to the commands and which are returned by making sure that the JobName and ClientName used by the Job are within your ACLs. User input on clients and filesets is also validated against the proper ACLs.
- Loading branch information
Marco van Wieringen
committed
Sep 1, 2016
1 parent
f0ea06f
commit 95e1293
Showing
1 changed file
with
138 additions
and
13 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters