Author Topic: Preventing ?ReadViewEntries  (Read 3204 times)

Offline machineslave

  • Senior Member
  • Posts: 328
  • Gender: Male
Preventing ?ReadViewEntries
« on: 26.09.06 - 15:46:29 »
Hello,

Is there any way to prevent ?ReadViewEntries on a view in the browser? (I mean independently of the access rights.)

Regards

Stefan

Life is a shitty game, but the graphics are awesome.

Glombi

  • Guest
Re: Preventing ?ReadViewEntries
« Reply #1 on: 27.09.06 - 10:30:17 »
Unfortunately, that is not possible:

You are concerned about possible security implications when Web users execute a URL with ?ReadViewEntries, similar to the following:

http://<server>/names.nsf/Servers?ReadViewEntries

Can you disable this command on the server?

Solution
No, there is no way to disable this command on the Domino server.  An enhancement request for this new functionality has been submitted to Lotus Software Quality Engineering; however, there are no plans to address it in the currently supported Domino product series.

As noted in the Domino Designer Help, this command returns only the documents a user is allowed to access.  Therefore, setting proper Access Control Lists (ACL) on your databases will prevent users from seeing any information you wish to restrict, even if they use the ?ReadViewEntries command.

Supporting Information:

The ReadViewEntries command returns an XML listing of documents within a view.  It can be used by client-side Java applets to make use of documents in the database.  It is possible to use Redirection Mapping documents to redirect browser requests that use the ?ReadViewEntries command.  However, the redirect may prevent certain Java applets from working correctly.  Therefore, the best practice is to use ACLs to restrict access.

Glombi

  • Guest
Re: Preventing ?ReadViewEntries
« Reply #2 on: 27.09.06 - 10:31:23 »
Problem

Do XML commands such as ?ReadEntries and ?ReadViewEntries represent a security risk?

Solution
No.  Documents are protected by ACLs and this applies when using the XML commands as well.

It is important for developers and administrators to understand the Domino Security Model and apply the features appropriately, based on the security needs of the data contained within the application.  Documents within a database are first controlled by access to the database itself.  If documents within the database need to be further restricted, then reader names controls should be used to protect the data at the document level. This is the correct usage of the Domino security model. Web site designers should always use the true Domino security features to safeguard data. Designers should never attempt to hide sensitive data by using obscure view names, hide-when formulas in forms, or other pure design features, as there may be alternate paths for a Web user to get at the data.

If the Domino security model is applied correctly to a database, the XML commands, ?ReadEntries, ?ReadViewEntries and ?ReadForm, do not represent any kind of a security risk.

For more information on properly securing your Domino applications and environment, please refer to the following resources:

Designing a Secure Domino App
http://www.notes.net/today.nsf/8a6d147cf55a7fd385256658007aacf1/71102330e24a7ce5852564b5005e3682

Lotus Security Handbook Redbook
http://publib-b.boulder.ibm.com/Redbooks.nsf/9445fa5b416f6e32852569ae006bb65f/58f287c9b2a7424a85256d2b004357f0

Lotus Notes and Domino R5.0 Security Infrastructure Revealed
http://www.redbooks.ibm.com/abstracts/sg245341.html
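Both technotes quoted in replies #1 and #2 make the same point: ?ReadViewEntries cannot be switched off, it returns an XML listing of whatever the requesting user's ACL and reader-field rights allow, and design-level tricks (hide-when formulas, obscure view names) do not reduce that. The practical check that follows from this is to request the view as Anonymous and look at what actually comes back. The Python helper below does exactly that; it is an added example written for this page, not code from the original posts or from IBM. It assumes the element names Domino uses in its ReadViewEntries output (`viewentries`, `viewentry`, `entrydata`, `text`, `textlist`, `number`, `datetime`) and the documented `Start` and `Count` URL arguments; the host name, database paths, sample XML and HTML bodies are all hand-constructed placeholders, not captured from a real server.

```python
"""Offline-runnable audit helper for the ?ReadViewEntries exposure check.

Added example, not from the original thread or from IBM. Sample responses are
hand-written in the shape Domino emits; host and database names are placeholders.
"""
import xml.etree.ElementTree as ET
from dataclasses import dataclass, field
from typing import Dict, List, Tuple
from urllib.error import HTTPError
from urllib.parse import quote
from urllib.request import Request, urlopen


@dataclass
class ViewEntry:
    position: str
    unid: str
    noteid: str
    columns: Dict[str, List[str]] = field(default_factory=dict)


@dataclass
class Finding:
    url: str
    status: int
    exposed: bool           # True only if a parseable <viewentries> with >= 1 entry came back
    toplevel: int           # value of the toplevelentries attribute (0 if none)
    entries: List[ViewEntry] = field(default_factory=list)


def read_view_entries_url(base: str, db_path: str, view: str,
                          start: int = 1, count: int = 1000) -> str:
    """Build the probe URL; Start and Count are standard ReadViewEntries arguments."""
    return (f"{base.rstrip('/')}/{db_path.strip('/')}/{quote(view)}"
            f"?ReadViewEntries&Start={start}&Count={count}")


def parse_view_entries(body: bytes) -> Tuple[int, List[ViewEntry]]:
    """Parse Domino's ?ReadViewEntries XML. Raises ValueError for anything else
    (e.g. an HTML login page that the server returned with status 200)."""
    try:
        root = ET.fromstring(body)
    except ET.ParseError as exc:
        raise ValueError("body is not XML") from exc
    if root.tag != "viewentries":
        raise ValueError(f"unexpected root element <{root.tag}>")
    entries: List[ViewEntry] = []
    for ve in root.iter("viewentry"):
        cols: Dict[str, List[str]] = {}
        for ed in ve.findall("entrydata"):
            name = ed.get("name") or f"column{ed.get('columnnumber', '?')}"
            # Column values sit in <text>/<number>/<datetime>, possibly inside <textlist> etc.
            cols[name] = [(el.text or "") for el in ed.iter()
                          if el.tag in ("text", "number", "datetime")]
        entries.append(ViewEntry(ve.get("position", ""), ve.get("unid", ""),
                                 ve.get("noteid", ""), cols))
    return int(root.get("toplevelentries", len(entries))), entries


def assess(url: str, status: int, body: bytes) -> Finding:
    """Classify one response. Only 200 plus parseable view data with entries counts as
    exposed; an empty listing is the expected result for a correctly restricted view."""
    if status != 200:
        return Finding(url, status, False, 0)
    try:
        toplevel, entries = parse_view_entries(body)
    except ValueError:
        return Finding(url, status, False, 0)
    return Finding(url, status, bool(entries), toplevel, entries)


def probe(url: str, timeout: float = 10.0) -> Finding:
    """Live unauthenticated request (i.e. as Anonymous). Not exercised offline."""
    try:
        with urlopen(Request(url), timeout=timeout) as resp:
            return assess(url, resp.status, resp.read())
    except HTTPError as err:
        return assess(url, err.code, err.read())


# Constructed sample responses (hand-written, not captured from a real server).
SAMPLE_EXPOSED = b"""<?xml version="1.0" encoding="UTF-8"?>
<viewentries toplevelentries="2">
<viewentry position="1" unid="0C2F1A6B5D3E4F7A8B9C0D1E2F3A4B5C" noteid="8FA" siblings="2">
<entrydata columnnumber="0" name="ServerName"><text>CN=Mail01/O=Example</text></entrydata>
<entrydata columnnumber="1" name="Administrators"><textlist><text>CN=Jane Admin/O=Example</text><text>LocalDomainAdmins</text></textlist></entrydata>
</viewentry>
<viewentry position="2" unid="1D3E2B7C6E4F5A8B9C0D1E2F3A4B5C6D" noteid="8FE" siblings="2">
<entrydata columnnumber="0" name="ServerName"><text>CN=Web01/O=Example</text></entrydata>
<entrydata columnnumber="1" name="Administrators"><text>CN=Jane Admin/O=Example</text></entrydata>
</viewentry>
</viewentries>"""
SAMPLE_DENIED_401 = b"<html><body>401 Unauthorized</body></html>"
SAMPLE_LOGIN_FORM_200 = b'<html><body><form action="/names.nsf?Login">...</form></body></html>'


def run_offline_demo() -> List[Finding]:
    base = "http://domino.example.test"  # placeholder host
    cases = [
        (read_view_entries_url(base, "names.nsf", "Servers"), 200, SAMPLE_EXPOSED),
        (read_view_entries_url(base, "hr/salaries.nsf", "ByEmployee"), 401, SAMPLE_DENIED_401),
        (read_view_entries_url(base, "intranet.nsf", "Secret"), 200, SAMPLE_LOGIN_FORM_200),
    ]
    return [assess(u, s, b) for u, s, b in cases]


if __name__ == "__main__":
    for f in run_offline_demo():
        print(f"{'EXPOSED' if f.exposed else 'no data':8} {f.status} {f.url} ({f.toplevel} entries)")
        for e in f.entries:
            print("   ", e.noteid, e.columns)
```

Run against a real server, `probe()` replaces the constructed cases; the verdict logic stays the same, which is the point of the technotes: a view whose ACL and reader fields are correct yields either an authentication challenge or an empty `<viewentries>` to Anonymous, and anything else is an ACL problem, not something a hide-when formula or a renamed view would have fixed.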

 
