Ticket #2173 (closed defect: fixed)

Opened 9 years ago

Last modified 9 years ago

CPS Job system should run as true users

Reported by: gracinet Owned by: trac
Priority: P2 Milestone: CPS 3.5.1
Component: CPSUtil Version: TRUNK
Severity: critical Keywords:
Cc:

Description

CPSJob, introduced with #2080 lets you choose the user it runs as (-u option, default to 'cpsjob').

For now, this is simply a CPSUnrestrictedUser with the requested name. This has a major drawback for security ownership checking : the created objects, such as workflow scripts loaded by profiles will be owned by that user, expected to be in CPS' acl_user and later on the security checking can blow off.

This is true even if one runs as a root Zope user, because the reference to user folder is stored along with ownership info.

CPSJob should accept true users only, whether they are from CPS' acl_users or from the root one, and of course check that they have the Manager role.

Change History

comment:1 Changed 9 years ago by gracinet

  • Owner changed from madarche to trac
  • Component changed from CPS (global) to CPSUtil
  • Severity changed from normal to critical
  • Milestone changed from CPS 3.5.0 to CPS 3.5.1

comment:2 Changed 9 years ago by gracinet

  • Status changed from new to closed
  • Resolution set to fixed

Done

Note: See TracTickets for help on using tickets.