[tahoe-dev] [tahoe-lafs] #995: It's way too easy to give away write directory caps
tahoe-lafs
trac at allmydata.org
Fri Mar 12 17:49:28 PST 2010
#995: It's way too easy to give away write directory caps
-------------------------------------------+--------------------------------
Reporter: jsgf | Owner: nobody
Type: defect | Status: new
Priority: major | Milestone: undecided
Component: unknown | Version: 1.6.0
Keywords: wui usability confidentiality | Launchpad_bug:
-------------------------------------------+--------------------------------
The WUI makes it too easy to accidentally give away the write directory
caps for a directory. The most obvious thing to do - cut'n'paste the URL
- is the worst thing to do. If you want to give a RO directory cap to
someone else, you need to make a fairly explicit extra step to do so.
I don't know how to address this, but here are some thoughts:
1. Add an obvious "share this directory" button which pops up a pre-
selected cuttable RO URL, in order to try and make the right thing the
most simple and obvious.
2. Use cookies to maintain some per-session state, and use that state to
mangle the cap in the URL, to prevent it from being accepted by any other
web gateway/WUI session. Unfortunately without some strong crypto in the
browser this will not prevent the URL from being accidentally shared
unless the user notices it has been mangled before sending it.
3. Erm, something else?
--
Ticket URL: <http://allmydata.org/trac/tahoe/ticket/995>
tahoe-lafs <http://allmydata.org>
secure decentralized file storage grid
More information about the tahoe-dev
mailing list