Description
Pages that contain dictionaries (WikiDict) may hold sensitive data in their values, so they sometimes need to be protected by an ACL. But no ACL protects those values from being retrieved by the [[GetVal(pageDict,valuename)]] macro (or any other macro).
Steps to reproduce
- Create an empty page, say pageDict.
- Write some sensitive data there (see HelpOnVariables or WikiDict for the syntax details):
 key1:: secret2
 key2:: secret1
- Write an ACL for it that prohibits all access, to protect the values secret1 and secret2:
#acl -All:read
- Try to view pageDict and confirm that the system does not let you.
- Write [[GetVal(pageDict,key1)]] on any other page in your wiki.
- View that other page: it displays the contents of a page that is forbidden to view directly.
BAD, we can't protect WikiDict contents if someone has write access to some page.
Component selection
- wikidicts have no ACL checks
Details
MoinMoin Version | Release 1.5.7
OS and Version | Debian 4
Python Version | 2.4.4 (#1, Apr 26 2007, 00:00:31) [GCC 4.1.2 20061115 (prerelease) (Debian 4.1.1-21)]
Server Setup |
Server Details |
Language you are using the wiki in (set in the browser/UserPreferences) | en
Workaround
Do not allow users to edit pages unless they are also allowed to see the pageDict contents, or never put sensitive information into a WikiDict.
Discussion
How should data in Dicts be protected?
- Not at all; there should be only public data. A wiki is for publication!
- Every piece of code that accesses Dict values should check the access rights on its own (so the GetVal macro too).
- The check should be done somewhere in MoinMoin.wikidicts.
- Or else...?
- Should there be a special access right like ''dictread'' in addition to ''read''?
Thanks for the great wiki system! (spg)
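The check discussed above (enforcing the dict page's read ACL inside the value lookup itself, so GetVal and any other macro is covered), as an added illustration that is not MoinMoin's code: Page, may_read, get_val_unchecked, get_val and the sample WIKI are constructed for this example, and the ACL semantics are simplified.

```python
import re

# Added example modelling the report above (not MoinMoin code). Page, may_read,
# get_val* and WIKI are hypothetical; ACLs simplified to first-match-wins, default allow.
_ACL_RE = re.compile(r"^#acl\s+(.*)$")
_DICT_RE = re.compile(r"^\s*(\S+?)::\s*(.*)$")  # WikiDict " key:: value" lines

def _parse_acl(spec):
    # '-All:read spg:read,write' -> [(principal, allowed, rights), ...]
    entries = []
    for item in spec.split():
        principal, _, rights = item.lstrip("+-").partition(":")
        entries.append((principal, not item.startswith("-"), set(rights.split(","))))
    return entries

class Page:
    def __init__(self, name, body):
        self.name, self.acl, self.dict = name, [], {}
        for line in body.splitlines():
            acl = _ACL_RE.match(line)
            if acl:
                self.acl.extend(_parse_acl(acl.group(1)))
                continue
            entry = _DICT_RE.match(line)
            if entry:
                self.dict[entry.group(1)] = entry.group(2)

    def may_read(self, user):
        for principal, allowed, rights in self.acl:
            if principal in (user, "All") and "read" in rights:
                return allowed
        return True  # no matching entry: open-wiki default

def get_val_unchecked(wiki, page_name, key):
    # Reported behaviour: nobody asks who is requesting, so the ACL never applies.
    return wiki[page_name].dict.get(key, "")

def get_val(wiki, user, page_name, key):
    # Fix direction: the lookup enforces the page's read ACL, so every macro is covered.
    page = wiki.get(page_name)
    if page is None or not page.may_read(user):
        return ""
    return page.dict.get(key, "")

# Constructed sample wiki: the reporter's pageDict plus a page with a per-user grant.
WIKI = {
    "pageDict": Page("pageDict", "#acl -All:read\n key1:: secret2\n key2:: secret1\n"),
    "TeamDict": Page("TeamDict", "#acl spg:read,write -All:read\n token:: s3\n"),
}
```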
Plan
- Priority:
- Assigned to:
- Status: fixed for 1.7 (changeset 2786: a16ba90d1f7e), backported to 1.6 (changeset 2142: cb9ee7553817) and to 1.5 (changeset 845: 4a7de0173734)
Super!!! It got fixed! Thanks, people! (spg)