On Thursday 06 October 2016 13:38:28 Carsten Ziegeler wrote:
> Bertrand Delacretaz wrote
>
> > Hi,
> >
> > On Thu, Oct 6, 2016 at 12:03 PM, Radu Cotescu wrote:
> >> ...Should we change this and only allow "jcr:read" on a new /content
> >> folder
> >> for "everyone"?...
> >
> >
On Thursday 06 October 2016 13:21:49 Radu Cotescu wrote:
> Why do we need to remove that statement? sling-scripting is the user that
> scripting modules should use for reading scripts. Since Sling's
> "executable" content is in the search paths (which for now are /libs and
> /apps), I think that
On Thursday 06 October 2016 10:03:41 Radu Cotescu wrote:
> Hi,
>
> In SLING-5848 [1] Oliver has raised the question about restricting access
> for the "everyone" principal, since we've started introducing service users
> with very limited access. Currently the "
Bertrand Delacretaz wrote
> Hi,
>
> On Thu, Oct 6, 2016 at 12:03 PM, Radu Cotescu wrote:
>> ...Should we change this and only allow "jcr:read" on a new /content folder
>> for "everyone"?...
>
> That might break a number of integration tests, I guess a dry run is
> needed before
Hi,
On Thu, Oct 6, 2016 at 12:03 PM, Radu Cotescu wrote:
> ...Should we change this and only allow "jcr:read" on a new /content folder
> for "everyone"?...
That might break a number of integration tests, I guess a dry run is
needed before making a decision, to see how much work
Hi,
In SLING-5848 [1] Oliver has raised the question about restricting access
for the "everyone" principal, since we've started introducing service users
with very limited access. Currently the "everyone" principal is granted
read access on "/" for backwards c