uima-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Lou DeGenaro (JIRA)" <...@uima.apache.org>
Subject [jira] [Commented] (UIMA-5800) DUCC Web Server (WS) does not honor db.access permissions when changed?
Date Mon, 25 Jun 2018 21:19:00 GMT

    [ https://issues.apache.org/jira/browse/UIMA-5800?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16522830#comment-16522830
] 

Lou DeGenaro commented on UIMA-5800:
------------------------------------

For example, WS would first use ducc_ling to do:

    [user1@hostXYZ ~]$ stat .ducc/db.access
      File: ?.ducc/db.access?
      Size: 115       Blocks: 128        IO Block: 2097152 regular file
    Device: 29h/41d Inode: 72092732    Links: 1
    Access: (0640/-rw-r-----)  Uid: ( 2301/     user1)   Gid: ( 3107/group_w)
    Access: 2018-06-14 13:16:17.150339388 -0500
    Modify: 2017-11-03 16:17:06.397094000 -0500
    Change: 2017-11-03 16:17:06.397013926 -0500

If (db.access is readable by all), access is allowed,
else (if not group readable), access is denied,
else check if user user2 is a member of the group:

    [user1@hostXYZ ~]$ id user2
    uid=1987(user2) gid=3107(group_w) groups=3107(group_w),100(users),1000(group_a),2000(group_b),2076(ducc)

if yes, allowed, if not denied.

> DUCC Web Server (WS) does not honor db.access permissions when changed?
> -----------------------------------------------------------------------
>
>                 Key: UIMA-5800
>                 URL: https://issues.apache.org/jira/browse/UIMA-5800
>             Project: UIMA
>          Issue Type: Bug
>          Components: DUCC
>            Reporter: Lou DeGenaro
>            Assignee: Lou DeGenaro
>            Priority: Major
>             Fix For: 2.2.3-Ducc
>
>
> user is trying to use ducc-mon to view another user's data which is stored in DB.  File
db.access owning user's permissions were rw - -.  When changed to rw r r, the alien user
still cannot see data coming from DB.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message