esme-dev mailing list archives

From Richard Hirsch <hirsch.d...@gmail.com>
Subject Re: Deleting user from access pool
Date Wed, 30 Sep 2009 09:38:41 GMT
I'd try and avoid blocking the pool name.  Otherwise we have to store
all pool names.

I'd create messages when a user is added to or deleted from a pool.  I'd
also create messages when a pool is created or deleted.  I'll create a
JIRA item for this when apache is working again.

D.

On Wed, Sep 30, 2009 at 11:19 AM, Xuefeng Wu <benewu@gmail.com> wrote:
> @Richard It's my pleasure to do this.
> I agree with Vassil. I would start the technical design and development after we
> reach an agreement.
>
>
>
> On Wed, Sep 30, 2009 at 5:09 PM, Vassil Dichev <vdichev@apache.org> wrote:
>
>> > We should have a unique id which cannot be deleted. A user or pool could have
>> > the same name but a different unique id which only the system knows.
>> >
>> > The pool name cannot be duplicated among valid pools,
>> > but a valid pool could have the same name as an invalid pool.
>>
>> This is not a technical problem, but a social engineering aspect of
>> security. The user will not see this id, and even if they do, they
>> won't care. The thing they will see is the pool name. So if one day
>> the pool is deleted and on the next day another pool is added by a
>> different person, but with the same name, the user might be tricked
>> into sending confidential messages to that pool.
>>
>> One way to alleviate the problem is to trigger a message that a user
>> has been added to a pool. But will this be enough? Or should we block
>> the pool name forever, even when the pool has been deleted?
>>
>> Vassil
>>
>
>
>
> --
> Global R&D Center, Shanghai China, Carestream Health, Inc.
> Tel:(86-21)3852 6101
>
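A constructed illustration of the trade-off discussed in this thread (added here; it is not ESME code and not code from anyone in the thread): pools are keyed by a system-internal id, names are unique only among active pools as Richard prefers, every create/delete/add emits a message, and a name-reuse warning covers Vassil's scenario. The warning, the `PoolRegistry` API, and the users alice, bob and carol with the pool "finance" are all my own assumptions.

```python
from dataclasses import dataclass, field
from itertools import count
# Constructed toy model of the thread's access pools: a system id users never see
# plus a visible name that becomes free again once the pool is deleted.
@dataclass
class Pool:
    pool_id: int
    name: str
    creator: str
    deleted: bool = False
    members: set = field(default_factory=set)

class PoolRegistry:
    def __init__(self):
        self._ids = count(1)
        self.pools = {}   # pool_id -> Pool
        self.events = []  # the notification messages Richard proposes

    def create_pool(self, name, creator):
        # Only active names must be unique; a deleted pool's name is not blocked.
        if any(p.name == name and not p.deleted for p in self.pools.values()):
            raise ValueError(f"active pool {name!r} already exists")
        prior = [p for p in self.pools.values()
                 if p.name == name and p.deleted and p.creator != creator]
        pool = Pool(next(self._ids), name, creator)
        self.pools[pool.pool_id] = pool
        self.events.append(f"pool {name!r} (id {pool.pool_id}) created by {creator}")
        if prior:  # Vassil's case: same visible name, a different person behind it
            self.events.append(f"WARNING pool {name!r} (id {pool.pool_id}) reuses the name of deleted id {prior[-1].pool_id} owned by {prior[-1].creator}")
        return pool

    def delete_pool(self, pool_id):
        pool = self.pools[pool_id]
        pool.deleted = True
        self.events.append(f"pool {pool.name!r} (id {pool_id}) deleted")
    def add_user(self, pool_id, user):
        pool = self.pools[pool_id]
        if pool.deleted:
            raise ValueError("cannot add a user to a deleted pool")
        pool.members.add(user)
        self.events.append(f"{user} added to pool {pool.name!r} (id {pool_id})")
def replay_scenario():  # 'finance' deleted by alice, re-created next day by carol
    reg = PoolRegistry()
    first = reg.create_pool("finance", "alice")
    reg.add_user(first.pool_id, "bob")
    reg.delete_pool(first.pool_id)
    second = reg.create_pool("finance", "carol")
    reg.add_user(second.pool_id, "bob")
    return reg, first, second
```

Replaying the scenario shows what bob actually sees: two "added to pool 'finance'" messages with different ids, and the warning is the only signal that a different person now stands behind the same name.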
