Conference orarep::nomahs::repository

1072.0. "CONTROL necessary for SHOW command in V7.0?" by 8292::PJACOB (Patrick [email protected]) Thu Mar 20 1997 11:09

New with Version 7.0 of CDD/Repository, we need CONTROL privilege on element
to do a SHOW command. Can't find anything on this in the release notes. Is this
a bug or a new restriction ? Why ?

The following log shows that when a field is owned by someone else, I get a 
	CDD-E-NOCONTROL, no privilege to control xxxx
when I haven't CONTROL privilege. Giving the CONTROL privilege to me make the
SHOW FIELD command to succeed. This was not true in 6.1-03.

Any comments?

Patrick.

$ @bourgeois
$ set noon
$ set process/priv=all
$ set uic [DAF,Pdelobel]
$ repos opera
set default SYS$COMMON:[CDDPLUS]PJACOB.COFIDIS
define field bourgeois datatype text size 11.
define protection for field bourgeois ident [DAF,Pjacob] access
READ+WRITE+MODIFY+ERASE+SHOW+DEFINE+CHANGE+DELETE+OPERATOR+ADMINISTRATOR.
exit
$ set uic [DAF,PJACOB]
$ set process/privileges=(noall,netmbx,tmpmbx)
$ repos opera
set default SYS$COMMON:[CDDPLUS]PJACOB.COFIDIS
show protection for field bourgeois
%CDO-E-ERRSHOWPROT, error displaying an ACL
-CDD-E-NOCONTROL, no privilege to control SYS$COMMON:[CDDPLUS]PJACOB.COFIDIS.BOU
RGEOIS(1)
exit
$ set process/privileges=all
$ repos opera
set default SYS$COMMON:[CDDPLUS]PJACOB.COFIDIS
change protection for field bourgeois access control.
exit
$ set process/privileges=(noall,netmbx,tmpmbx)
$ repos opera
set default SYS$COMMON:[CDDPLUS]PJACOB.COFIDIS
show protection for field bourgeois

 Directory SYS$COMMON:[CDDPLUS]PJACOB.COFIDIS

BOURGEOIS(1)
          (IDENTIFIER=[DAF,PJACOB],ACCESS=READ+WRITE+MODIFY+ERASE+SHOW+DEFINE+
          CHANGE+DELETE+CONTROL+OPERATOR+ADMINISTRATOR)
         
(IDENTIFIER=[DAF,PDELOBEL],ACCESS=READ+WRITE+MODIFY+ERASE+SHOW+DEFINE+
          CHANGE+DELETE+CONTROL+OPERATOR+ADMINISTRATOR)
          (IDENTIFIER=[SYSTEM],ACCESS=READ+WRITE+MODIFY+ERASE+SHOW+DEFINE+
          CHANGE+DELETE+CONTROL+OPERATOR+ADMINISTRATOR)
          (IDENTIFIER=[*,*],ACCESS=READ+WRITE+MODIFY+ERASE+SHOW+DEFINE+CHANGE+
          DELETE+CONTROL+OPERATOR+ADMINISTRATOR)
exit
$

You need CONTROL privilege to read, write or modify an ACL.  Therefore, you need
CONTROL privilege for the SHOW, DEFINE, CHANGE and DELETE PROTECTION commands.
You only need SHOW privilege to SHOW PRIVILEGES and SHOW FIELD/RECORD/etc.

V6.1 and earlier allowed you to SHOW acls with only SHOW privilege, which was a
bug and a security hole.  This was fixed in V7.0, so that the required CONTROL
privilege is now enforced.

    I reported this hole in security in bug 469152 with a high priority. 
    The customer is waiting for a workaround in the meantime. It is urgent.
    All the developers has to do SHOW command without privileges to do
    everything.
    
    Any ideas will be welcomed?
    
    Patrick 

Hi Colleen, 

thank you for your help. I was typing my reply when you just entered yours
before mine. 

OK for the SHOW PROTECTION. Excuse me but the log I supplied was not accurate.
I am sorry about this. The problem was really on the SHOW FIELD ( not the SHOW
PROTECTION ). 
In CDD/R V7.0 , SHOW FIELD generates NOCONTROL error:
	show field bourgeois
	%CDO-E-ERRSHOW, error displaying an object
	-CDD-E-NOCONTROL, no privilege to control SYS$COMMON:[CDDPLUS]PJACOB.CO
	FIDIS.BOURGEOIS(1)
In CDD/R V6.1-03, SHOW FIELD works as expected:
	show field bourgeois
	Definition of field BOURGEOIS
	|   Datatype                 text size is 11 characters
	
Thus , I agreed with the V7.0 fix about SHOW PROTECTION but the SHOW FIELD must 
continue to work without CONTROL. Therefore, my bug is still valid, rigth ?

Patrick

    fixed in CDD 7.0-01 
    
    Patrick