Hello everybody,
I have a question about the permission to execute the
different commands in lib/cmds/
Looking the files I guess, for example regarding to
this rule:
<permission>
<module>(0|1|128)</module>
<role>.*</role>
<operation>crr view</operation>
<owner>.*</owner>
</permission>
The meaning is
module 0: ca can execute it
module 1: ra can execute it
module 128: bp can execute it
if there were a 32
1. that would mean that pub can execute it, is that
right?
I have also found, for example, taking a look at the
file rbac/cmds/viewCSR.xml:
<openca>
<command_config>
<command>
<name>viewCSR</name>
<operation>csr view</operation>
<owner_method>CSR_SERIAL</owner_method>
<owner_argument>key</owner_argument>
</command>
</command_config>
</openca>
The method used to check permisions is the tag
<owner_method>CSR_SERIAL</owner_method>
but,
2. what is the meaning of CSR_SERIAL??
3. Where can I find all parameters acceptable in this
tag?
I found some other options for this tag like: CGI,
4. does this mean that this operation could be called
through a CGI from the pub interface??
5. If I want, for example, that users could execute
view CSR from the pub interface, what should I
change?, just a change from CSR_SERIAL to CGI is
enough?
Thanks a lot,
Johnny
______________________________________________
Renovamos el Correo Yahoo!
Nuevos servicios, más seguridad
http://correo.yahoo.es
-------------------------------------------------------
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click
_______________________________________________
OpenCA-Devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-devel
