Feature #8463

Check security policy for objects reconstituted in the session scope

Added by Andreas Förthner about 11 years ago. Updated almost 11 years ago.

Status:
New
Priority:
Should have
Assignee:
-
Category:
Security
Target version:
-
Start date:
2010-06-23
Due date:
% Done:

0%

Estimated time:
PHP Version:
Has patch:
Complexity:

Description

Currently persited objects that are reconstituted in the session scope are not checked against the security policy. This might be a problem, if a persisted object has changed from one request to the other and the user is no longer allowed to access this object becaouse of the change.


Related issues

Related to TYPO3.Flow - Major Feature #5659: Implement content securityResolvedAndreas Förthner2009-12-07

Actions

Also available in: Atom PDF