[NXP-14665] In multi-tenant mode the UserWorkspace root should not be world readable. - Nuxeo Issue Tracker

XML

Word

Printable

Details

Type: Sub-task
Status: Resolved
Priority: Minor
Resolution: Not A Bug
Affects Version/s: None
Fix Version/s: 5.9.5
Component/s: Multitenancy support, User Profile / User Manager

Description

As explained in SUPNXP-10622, when the multi-tenant mode is activated, the ACL we set on the UserWorkspace is not what it should be.

Typically :

<entry principal="Everyone" permission="Read" grant="true"/>

Should be narrowed to a tenant group.

Attachments

Activity

People

Assignee:

Thierry Delprat

Reporter:

Thierry Delprat

Participants:

Thierry Delprat

Votes:

0 Vote for this issue

Watchers:

1 Start watching this issue

Dates

Created:

2014-06-27 20:56

Updated:

2014-06-30 23:58

Resolved:

2014-06-30 23:58