[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: partial lock security concerns

To: ietf@andybierman.com
Subject: Re: partial lock security concerns
From: Martin Bjorklund <mbj@tail-f.com>
Date: Fri, 07 Dec 2007 18:29:13 +0100 (CET)
Cc: netconf@ops.ietf.org
In-reply-to: <475978FF.2010708@andybierman.com>
References: <475978FF.2010708@andybierman.com>

Hi,

Andy Bierman <ietf@andybierman.com> wrote:
> Hi,
> 
> I am somewhat concerned about the security vulnerabilities
> created by a partial-lock solution based on arbitrary Xpath expressions.
> I assure you that the Security Area Director will be even more
> concerned, once he hears about it.
> 
> Granting access at the time the Xpath expression is configured,
> instead of when access is requested is not good enough security.

We don't grant access at the time the XPath expression is evaluated.
We set the lock on the node set returned by the XPath evaluation.
This lock may fail if the user does not have enough priviliges.  After
that, it works just like the global lock - you cannot change something
you don't have access to, even if it is locked.  Just like the global
lock.

/martin

--
to unsubscribe send a message to netconf-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/netconf/>

References:
- partial lock security concerns
  - From: Andy Bierman <ietf@andybierman.com>

Prev by Date: partial locking and access control
Next by Date: Re: partial locking and access control
Previous by thread: partial lock security concerns
Next by thread: partial locking and access control
Index(es):
- Date
- Thread