[ 
https://issues.apache.org/jira/browse/SLING-6130?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Oliver Lietz updated SLING-6130:
--------------------------------
    Description: 
Currently {{everyone}} can {{read}} from {{/}} (configured in 
{{OakSlingRepositoryManager}}).

Access for {{everyone}} should be restricted:

* {{read}} should be restricted to {{/content}}
* configuration of principals and ACLs should be done with _repoinit_

# Change path from {{/}} to {{/content}} in {{OakSlingRepositoryManager}} (/) 
([r1764259|https://svn.apache.org/r1764259])
# Fix modules (samples) relying on _unrestricted_ {{read}} access
# Move configuration of ACLs to _repoinit_

discussion on 
[dev@|https://lists.apache.org/thread.html/36908ed62ac93c63cad594a897f8abceb93f08da5bcea30dbce98e58@%3Cdev.sling.apache.org%3E]

  was:
Currently {{everyone}} can {{read}} from {{/}} (configured in 
{{OakSlingRepositoryManager}}).

Access for {{everyone}} should be restricted:

* {{read}} should be restricted to {{/content}}
* configuration of principals and ACLs should be done with _repoinit_

# Change path from {{/}} to {{/content}} in {{OakSlingRepositoryManager}}
# Fix modules (samples) relying on _unrestricted_ {{read}} access
# Move configuration of ACLs to _repoinit_

discussion on 
[dev@|https://lists.apache.org/thread.html/36908ed62ac93c63cad594a897f8abceb93f08da5bcea30dbce98e58@%3Cdev.sling.apache.org%3E]


> Restrict access for principal everyone and move configuration to repoinit
> -------------------------------------------------------------------------
>
>                 Key: SLING-6130
>                 URL: https://issues.apache.org/jira/browse/SLING-6130
>             Project: Sling
>          Issue Type: Improvement
>          Components: JCR, Oak
>    Affects Versions: JCR Oak Server 1.1.0
>            Reporter: Oliver Lietz
>            Assignee: Oliver Lietz
>              Labels: security
>             Fix For: JCR Oak Server 1.1.2
>
>
> Currently {{everyone}} can {{read}} from {{/}} (configured in 
> {{OakSlingRepositoryManager}}).
> Access for {{everyone}} should be restricted:
> * {{read}} should be restricted to {{/content}}
> * configuration of principals and ACLs should be done with _repoinit_
> # Change path from {{/}} to {{/content}} in {{OakSlingRepositoryManager}} (/) 
> ([r1764259|https://svn.apache.org/r1764259])
> # Fix modules (samples) relying on _unrestricted_ {{read}} access
> # Move configuration of ACLs to _repoinit_
> discussion on 
> [dev@|https://lists.apache.org/thread.html/36908ed62ac93c63cad594a897f8abceb93f08da5bcea30dbce98e58@%3Cdev.sling.apache.org%3E]



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to