Feature #6605

Integrate the security policy into resource management

Added by Andreas Förthner almost 11 years ago. Updated about 10 years ago.

Status:
Resolved
Priority:
Should have
Category:
Security
Start date:
Due date:
% Done:

100%

Estimated time:
30.00 h
PHP Version:
Has patch:
Complexity:

Description

Resources are basically objects that can be secured by model security (see #6604). We'll have to find a solution how secured files have to be handled by the resource manager.

One possiblity would be:

We have a special virtual folder named after the secure session key that holds symlinks to all resources the current user is allowed to access. We could also add a dynamic rewrite rule that restricts access to this folder to the IP of this user. The folder would have to "expire" with the user session.


Related issues

Related to TYPO3.Flow - Major Feature #5659: Implement content securityResolvedAndreas Förthner2009-12-07

Actions
#1

Updated by Andreas Förthner almost 11 years ago

  • Target version set to 1.0 alpha 9
#2

Updated by Robert Lemke almost 11 years ago

  • Status changed from New to Accepted
  • Start date deleted (2010-02-25)
  • Estimated time set to 30.00 h
#3

Updated by Robert Lemke over 10 years ago

  • Target version deleted (1.0 alpha 9)
#4

Updated by Andreas Förthner over 10 years ago

  • Target version set to 1.0 alpha 11
#5

Updated by Karsten Dambekalns over 10 years ago

  • Target version deleted (1.0 alpha 11)
#6

Updated by Andreas Förthner over 10 years ago

  • Target version set to 1.0 alpha 13
#7

Updated by Karsten Dambekalns about 10 years ago

  • Target version changed from 1.0 alpha 13 to 1.0 alpha 14
#8

Updated by Andreas Förthner about 10 years ago

  • Status changed from Accepted to Resolved
  • % Done changed from 0 to 100

Also available in: Atom PDF