Difference between revisions of "SG:Security Issues"

SG:Security Issues (view source)

33 bytes added , 14:30, 10 April 2012

m

no edit summary

683

edits

Revision as of 14:28, 10 April 2012 (view source) Victor (talk \| contribs) (Created page with "Because NXSL provides functions for searching objects, and because all scripts are executed on management server, user with write access to only one node can potentially acqui...")		Revision as of 14:30, 10 April 2012 (view source) Victor (talk \| contribs) m Newer edit →
Line 1:		Line 1:
			{{DISPLAYTITLE:Security Issues}}
	Because NXSL provides functions for searching objects, and because all scripts are executed on management server, user with write access to only one node can potentially acquire information about nodes to which he normally does not have access. For example, without additional security checks user with write access to node A and no access to node B can create transformation script for DCI on node A and use [[NXSL:FindNodeObject\|FindNodeObject]] function to access node B and get information about it, thus breaking security settings.		Because NXSL provides functions for searching objects, and because all scripts are executed on management server, user with write access to only one node can potentially acquire information about nodes to which he normally does not have access. For example, without additional security checks user with write access to node A and no access to node B can create transformation script for DCI on node A and use [[NXSL:FindNodeObject\|FindNodeObject]] function to access node B and get information about it, thus breaking security settings.