[Handle-info] admin question and further security considerations
Hi All,
I am puzzling over the admin settings/permission layout.
My main question is where exactly to put/how to organize
admin settings:
listing them in the 0.NA/prefix handle, or
putting them in extra handles like prefix/ADMIN_XXX?
How exactly do the effects of the admin permission flags depend on
the context/scope? For example, is there a difference between setting
ADD_HANDLE in 0.NA/prefix for some HS_ADMIN value there and
the same in a prefix/ADMIN_XXX?
I also couldn't keep my hands from playing around with our test na
handle ;-) 0.NA/10081. It surprised me, probably due to some
misunderstanding I have, that I could do the following:
From standard starting situation (0.NA/10081):
100 HS_ADMIN referencing 0.NA/0.NA with big boss permissions
101 HS_ADMIN with handle=0.NA/10081; index=300;
    [create hdl,delete hdl,add val,read val,modify val,add admin,list]
Using 101's permissions I was able to add a HS_PUBKEY (add val),
adding a 102 HS_ADMIN (add admin) with extended permissions:
    [create hdl,delete hdl,add val,read val,modify val,del admin,add admin,list]
Using 102 I could extend permissions for 101:
    [create hdl,delete hdl,create NA,add val,read val,modify val,del admin,add admin,list]
Using 102 I could delete the big boss at 100.
And then I created using 101 a sub-na:
0.NA/10081.1, just with email and HS_ADMIN to test permission effects.
All that is probably ok, but gives me the impression that I need further
explanations before going to set up different admins, otherwise I could
create inconsistent permission settings.
Would really appreciate if somebody here could provide further
explanations. Thanks!
Konstantin
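
The permission chain described in the message above, as an added example that is not part of the original post or of the Handle System software: a simplified Python model that audits a set of HS_ADMIN values for this kind of escalation. The permission labels are the ones used in the post; the rule that "add admin" allows granting any permission is an assumption based on the behaviour reported there, and the full set for index 100 and the index 200 delegate are constructed for illustration.

```python
# Simplified model of the HS_ADMIN behaviour reported in the post above.
# Assumption (from that report, not from the Handle System specification):
# a holder of "add admin" can add an HS_ADMIN value carrying any permission.
ALL_PERMS = frozenset({
    "create hdl", "delete hdl", "create NA", "add val", "read val",
    "modify val", "del admin", "add admin", "list",
})


def effective_permissions(granted):
    """Permissions an admin can reach, directly or through a new admin value."""
    granted = frozenset(granted)
    return ALL_PERMS if "add admin" in granted else granted


def audit(admins):
    """admins maps HS_ADMIN index -> granted permissions.

    Returns {index: {"gained": [...], "removable": [...]}} for every admin
    whose reachable permissions exceed the ones it was granted.
    """
    findings = {}
    for index, granted in admins.items():
        gained = effective_permissions(granted) - frozenset(granted)
        if not gained:
            continue
        # With a reachable "del admin", every other admin value can be removed.
        removable = [i for i in admins if i != index] if "del admin" in gained else []
        findings[index] = {"gained": sorted(gained), "removable": sorted(removable)}
    return findings


# Constructed sample: starting state of 0.NA/10081 as listed in the post.
# "Big boss permissions" at index 100 is modelled as the full set (assumption).
START = {
    100: ALL_PERMS,
    101: {"create hdl", "delete hdl", "add val", "read val",
          "modify val", "add admin", "list"},
}
# Hypothetical delegate without "add admin", for comparison.
RESTRICTED = {100: ALL_PERMS,
              200: {"add val", "read val", "modify val", "list"}}

if __name__ == "__main__":
    for name, state in (("START", START), ("RESTRICTED", RESTRICTED)):
        print(name, audit(state))
```

In this model, index 101 is flagged as able to reach "create NA" and "del admin" and to remove index 100, which matches the end state listed in the message; the delegate without "add admin" produces no finding.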