mugle-dev team mailing list archive
-
mugle-dev team
-
Mailing list archive
-
Message #00385
Re: [Bug 786016] Re: Direct Access to Services from client side
I dont think, this is a non-issue, once security is implemented
properly.
On Wed, May 25, 2011 at 11:32 PM, Matt Giuca
<786016@xxxxxxxxxxxxxxxxxx>wrote:
> Can someone figure out if this is still an issue? I don't want old bugs
> lying around if they are not real concerns.
>
> --
> You received this bug notification because you are a direct subscriber
> of the bug.
> https://bugs.launchpad.net/bugs/786016
>
> Title:
> Direct Access to Services from client side
>
> Status in Melbourne University Game-based Learning Environment:
> Triaged
>
> Bug description:
> While Prageeth has coded the casting of shared objects to datastore
> objects to have security checks, these can be bypassed by calling the
> shared services directly. The type of these classes should be changed
> to Protected if possible to avoid this
>
> To unsubscribe from this bug, go to:
> https://bugs.launchpad.net/mugle/+bug/786016/+subscribe
>
--
You received this bug notification because you are a member of MUGLE
Developers, which is a direct subscriber.
https://bugs.launchpad.net/bugs/786016
Title:
Direct Access to Services from client side
Status in Melbourne University Game-based Learning Environment:
Triaged
Bug description:
While Prageeth has coded the casting of shared objects to datastore
objects to have security checks, these can be bypassed by calling the
shared services directly. The type of these classes should be changed
to Protected if possible to avoid this
References