Skip to Content

Permissions for w2K in Cm Repository FSDB

We use a CM Repository in persistence mode FSDB with w2kSecurityManager.

Now we are not sure about the permissions endusers must have on w2k:

The j2EE-user needs full access, o.k.

For edit locally, move and copy, it is sufficient for endusers to have change and read/write permissions.

But if a user wants to delete or add a link on a ressource, oss said, that full access for the end user must be granted. As he can change permissions then, and delete action is possible in w2k without full access, we are not very satisfied with this statement.

How do others handle this? Do you give all users who should work in a repository full access?

We think this is a security risk and contradictory to the statement in saphelp, that users shouldn't delete directly on the fileserver - they can't from the portal side.

Regards,

Helge Stührmann

Add comment
10|10000 characters needed characters exceeded

1 Answer

  • author's profile photo Former Member
    Former Member
    Posted on Jul 27, 2004 at 08:27 AM

    W2k will handle subpermission from next hotfix, then full permission will not be needed in order to delete.

    Regards,

    Miguel

    Add comment
    10|10000 characters needed characters exceeded