sling-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Carsten Ziegeler <cziege...@apache.org>
Subject Re: [sling:resourceType] protected execution
Date Thu, 04 Oct 2018 15:13:16 GMT
Does it work for scripts? How?

Carsten


Bertrand Delacretaz wrote
> On Thu, Oct 4, 2018 at 4:50 PM Jason E Bailey <jeb@apache.org> wrote:
>> ...a user can create a resource with a rt/danger resourceType but they can't execute
it unless they have permission to
>> execute the rt/danger resource.
>>
>> We do this for our script under /apps/ where we prevent access to certain groups
so that even if they create the resource
>> that references it, it won't work for them....
> 
> That works for scripts, but how about servlets? I think that's where
> this proposal makes sense.
> 
> -Bertrand
> 
-- 
Carsten Ziegeler
Adobe Research Switzerland
cziegeler@apache.org

Mime
View raw message