directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alex Karasulu <aok...@bellsouth.net>
Subject Re: Access to LdapPrincipal constructor
Date Mon, 02 May 2005 12:52:22 GMT
Niclas Hedhman wrote:

>On Saturday 30 April 2005 11:02, Alex Karasulu wrote:
>  
>
>>Ahh yeah I thought I confronted this at some point.  I have to refresh
>>myself.  Basically LdapPrincipal can only be created by the Auth service
>>you are right.  This is for security reasons and the reason while we
>>keep it package friendly.  I know I made some kind of changes to
>>accommodate a way for your Authenticators to be ok with this.
>>    
>>
>
>Alex, I don't know if you have thought about how the ApacheDS is secured over 
>all. Protecting fields, methods and constructors is no real protection at 
>all, unless combined with proper security policies and the use of 
>AccessController.doPriviliged().
>
>If no such thoughts has been spent on the subject, perhaps it is soon time to 
>start a security review of the entire system.
>  
>
Yah that's long overdue.  Of course I've thought about using privledged 
actions.  Field protection is just minimal since we did not do all the 
needed work for securiting it.  Basically we should have a Permission 
for being able to create such a principal to protect creation of an 
LdapPrincipal. 

We need more hands here to do this additional work.  Otherwise I'm going 
to have to get to it when I can. 

FYI privledged actions will be key when we have code used for stored 
procedures in the server.  Can't take the next big leap without it.

Alex


Mime
View raw message