User Story #200 (closed)
User can run queries and not break security (Read security umbrella)
|Reported by:||jamoore||Owned by:||jamoore|
|Total Remaining Time:||n.a.||Estimated Remaining Time:||n.a.|
What this means is that no matter what User A asks, no information should be leaked about User B that's been marked unreadable. An example of this would be the query : " all categories involving the gene X ? " . An subtler leak would be of the form : "how many categories invole the the gene X ? " .
To prevent this, values can't just be nulled through an interceptor, but they should be filtered at the db level. However, the one caveat is that if a user sets such information to unreadable (but leaves it writable) then they can lose data. This, however, should be common sense.
Change History (9)
comment:4 Changed 14 years ago by jmoore
- Summary changed from User can run queries and not break security to User can run queries and not break security (Read security umbrella)