You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Given a folder contains a .acl file specifying permissions to a file inside that folder, but does not say something about permissions to the folder itself:
The parent folder grants all access for the same agent as default (acl:default)
.
├── .acl # grants all access via `acl:default`
├── acltest
│ ├── .acl # contains the content seen above
│ └── file.ttl
Actual behaviour:
Both, the folder and the file.ttl are unreachable for the agent (403 Forbidden).
Expected behaviour:
Since the .acl does not specify access control for the folder, the parent folder .acl should be checked and access granted to the folder (granted by parent .acl) and to the file.ttl (granted by the folder's .acl).
The text was updated successfully, but these errors were encountered:
Yes, this has been discussed in the specification, and it is actually the intended behaviour. Here is the spec issue, pointing to timbl's comment on this: solid/specification#55 (comment)
Should'nt at least file.ttl be accessible, since permission is excplicitly granted? Do you know about any specification or NSS improvments, so that ACLs that do not mention the container itself are prevented?
I mean adding at least one acl:accessTo <./> seams to be a must have for a valid container ACL then?
Given a folder contains a
.acl
file specifying permissions to a file inside that folder, but does not say something about permissions to the folder itself:The parent folder grants all access for the same agent as default (
acl:default
)Actual behaviour:
Both, the folder and the file.ttl are unreachable for the agent (403 Forbidden).
Expected behaviour:
Since the
.acl
does not specify access control for the folder, the parent folder.acl
should be checked and access granted to the folder (granted by parent.acl
) and to the file.ttl (granted by the folder's.acl
).The text was updated successfully, but these errors were encountered: