DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=35830>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=35830 Summary: DAV:owner property and ACL inheritance bug Product: Slide Version: 2.1 Platform: Other OS/Version: Windows XP Status: NEW Severity: minor Priority: P4 Component: Security AssignedTo: [email protected] ReportedBy: [EMAIL PROTECTED] Hello folks, I've been making some ACL experimentation, and found a possible bug. What I am trying to do, is to set and ACE entry for the DAV:owner property, granting him all privileges. For example, a resource would tipically have an ACE like this on top of the ACL: <D:acl xmlns:D="DAV:"> <D:ace> <D:principal> <D:property> <D:owner /> </D:property> </D:principal> <D:grant> <D:privilege> <D:all /> </D:privilege> </D:grant> </D:ace> ... </D:acl> After the owner ACE, I set an ACE forbidding everyone write privilege, that would look like this: <D:acl xmlns:D="DAV:"> <D:ace> <D:principal> <D:property> <D:owner /> </D:property> </D:principal> <D:grant> <D:privilege> <D:all /> </D:privilege> </D:grant> </D:ace> <D:ace> <D:principal> <D:all /> </D:principal> <D:deny> <D:privilege> <D:write /> </D:privilege> </D:deny> </D:ace> ... </D:acl> If the resource where that ACL was set is a collection, and I try to PUT method into that collection, Slide is answering with a response starting with: HTTP/1.1 403 Forbidden: Access denied on /files/miguel.testes/teste/chave do office.txt by user /users/mfigueiredo for action /actions/write the collection with the ACL is /files/miguel.testes/teste and the file being PUTed is chave do office.txt Many thanks, GREAT job on Slide btw!! -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
