23.02.2017, 13:21
I see it as a cardinal security issue if a page can download not only objects allowed for the user in visu "User settings" but all objects. I think the best solution would be to filter objects per user. Like TP/TCP filters do.
I can imagine plenty of situation starting at jokes like "Our boss is sitting at the bathroom for more than 10 minutes" fun webpage exposed on a corporate sharepoint server to a serious criminal act based on script which is checking when a lock stay unlocked mistakenly.
I can imagine plenty of situation starting at jokes like "Our boss is sitting at the bathroom for more than 10 minutes" fun webpage exposed on a corporate sharepoint server to a serious criminal act based on script which is checking when a lock stay unlocked mistakenly.
LM5Lp, firmware: 2018.08.22 and 2021.12.15, FlashSYS v2, ARMv7 Processor rev 5 (v7l), kernel 4.4.151 and 4.4.259