[
https://issues.apache.org/jira/browse/JCRVLT-100?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15098082#comment-15098082
]
Marius Petria commented on JCRVLT-100:
--------------------------------------
[~tripod] what do you mean by rooted packages? AFAICS {{ZipVaultPackage}} still
uses the root node, so I wonder if there is anyway to create packages that do
not require read on the root node.
> FileVault requires access to root node
> --------------------------------------
>
> Key: JCRVLT-100
> URL: https://issues.apache.org/jira/browse/JCRVLT-100
> Project: Jackrabbit FileVault
> Issue Type: Bug
> Components: Misc, Packaging
> Reporter: angela
> Fix For: 3.1.26
>
> Attachments: JCRVLT-99_DefaultWorkspaceFilter.patch,
> JCRVLT-99_DocViewSAXImporter_JcrSysViewTransformer.patch,
> JCRVLT-99_Importer.patch, JCRVLT-99_JcrPackageDefinitionImpl.patch,
> JCRVLT-99_JcrPackageManagerImpl.patch, filevault_root_access.txt
>
>
> Based on the JCRLT-99 i searched the code base for additional places where
> access to the root node is required.
> [~tripod], in the attached {{filevault_root_access.txt}} you can find the
> complete result for searching the jcrvlt code base for {{getRootNode}}. some
> seemed to be valid shortcuts (marked with _(excluded)_) but i suspect that
> others might require some attention.
> if using the functionality provided with a non-admin session, access to the
> root node is likely to not be granted thus rendering the filevault unusable
> (or risking privilege escalations by being forced to grant a non-privileged
> session full access up to the root node).
> i will create individual subtasks for the various parts that IMHO need to be
> fixed.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
