Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Task] ensure only allowed items are synced to ES #37

Open
OriHoch opened this issue Jul 11, 2017 · 2 comments
Open

[Task] ensure only allowed items are synced to ES #37

OriHoch opened this issue Jul 11, 2017 · 2 comments
Labels
clearmash help wanted

Comments

@OriHoch
Copy link
Contributor

OriHoch commented Jul 11, 2017
edited
Loading

In the new architecture we would like to have only allowed items in ElasticSearch

So that, any item not allowed will be -

Current logic of not allowed replicates the old BHP logic but adjusted for CM
This was referenced Jul 11, 2017
Closed
Closed
@OriHoch
Copy link
Contributor Author

OriHoch commented Jul 11, 2017

this works in latest draft release (0.1.2), need to test and ensure it works and works correctly

@ghost
Copy link

ghost commented Aug 2, 2017

The fact that the API user is an admin and can see unwanted items is not just a bug but also a very dangerous security risk.
You should create a role and let ClearMash handle it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
clearmash help wanted
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@OriHoch