Hi Sandro,

On 17.09.2012 at 15:20, Sandro Boehme wrote:

> Hi Felix,
> 
> my comment is inline.
> 
> On 17.09.12 11:54, Felix Meschberger wrote:
>> Hi,
>> 
>> On 16.09.2012 at 20:41, Sandro Boehme wrote:
>> 
>>> Hello,
>>> 
>>> I understand that I can deny jcr:all for /apps and also for a
>>> script path that is mounted from a bundle via
>>> <Sling-Initial-Content>folder/in/bundle;overwrite:=true;path:=/folder/in/resource/tree</Sling-Initial-Content>.
>>> After that the user will not see the scripts anymore. But if they are
>>> called to render a resource they are still executed. Is there a way
>>> to have something like jcr:execute to specify which users are
>>> allowed to execute the scripts?
>> 
>> Yes, something like an execution privilege would have been a solution
>> (actually my preferred one).
>> 
>> But we decided to do it differently: The ServletResolver which does
>> the resolution uses a special user (admin by default) to access the
> But the scripts are not executed as admin, right? I mean: If anonymous 
> calls a script (jsp, esp,...) that deletes a node. And anonymous has not 
> the jcr:removeNode privilege on that node, he would get an error as this 
> script is executed as anonymous not as admin. Right?

No, no. The special user is only used to find and read the script. It is then 
executed with the request's session.

Regards
Felix

> 
> Best,
> 
> Sandro
> 
>> scripts. In addition only scripts at certain locations are ever
>> considered. IIRC this is /libs and /apps by default such that no
>> scripts below /var or /tmp may actually be executed.
>> 
>> Both these features allow for this "security".
>> 
>> Regards Felix
>> 
> 
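
The design discussed in this thread, as a simplified Python model added here; it is not part of the original messages and not Sling code. Session, Repository, resolve_script, render, the sample script and all paths and grants are assumptions made for illustration.

```python
# Simplified model of the design described in this thread; not Sling code.
# Session, Repository, resolve_script and render are hypothetical names.
SEARCH_PATHS = ("/libs/", "/apps/")  # defaults as recalled in the thread

class AccessDenied(Exception):
    pass

class Session:
    def __init__(self, user, grants):
        self.user = user
        self.grants = grants  # {path prefix: set of privilege names}

    def check(self, path, privilege):
        if not any(path.startswith(prefix) and privilege in privs
                   for prefix, privs in self.grants.items()):
            raise AccessDenied(f"{self.user}: {privilege} denied on {path}")

class Repository:
    def __init__(self, nodes):
        self.nodes = dict(nodes)

    def read(self, session, path):
        session.check(path, "jcr:read")
        return self.nodes.get(path)

    def remove(self, session, path):
        session.check(path, "jcr:removeNode")
        del self.nodes[path]

def resolve_script(repo, resolver_session, script_path):
    # Only scripts below the configured search paths are ever considered.
    if not script_path.startswith(SEARCH_PATHS):
        return None
    # Found and read with the resolver's session, so the requesting user
    # needs no read access to the script itself.
    return repo.read(resolver_session, script_path)

def render(repo, resolver_session, request_session, script_path, target):
    script = resolve_script(repo, resolver_session, script_path)
    if script is None:
        raise LookupError(f"no script resolved for {script_path}")
    # Executed with the request's session: the caller's ACLs apply.
    return script(repo, request_session, target)

def delete_script(repo, session, target):  # constructed sample "script"
    repo.remove(session, target)
    return "deleted"
```

In this model, denying read on /apps hides the script from a user without stopping its resolution, while what the script may do to the repository is still decided by the caller's own privileges.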
