I think I have a Bobby Tables problem

By Serdar Yegulalp | 2016/07/08 08:00


No, I don't have a problem where a malformed user name can cause havoc, including getting full access to the database. I do have a problem where a designer can do something like that, though.

Here's why. Designers can edit templates in MeTal, and templates can perform import functions and thus gain access to all the objects in in the system. Thus, anyone with the Designer privilege becomes a de facto site admin, because they can now manipulate any object in the system with an import in a template.

This isn't so bad if your team is small or for where you have no real expectations of compartmentalization. But on the whole, it's a problem, and I need to think of a long-term solution for it. Saying "just don't give anyone Designer privilege if you don't trust them" isn't much of a solution.

Here are some of the ways I can ameliorate this, tossed out more or less at random:

Obviously I have a ways to go before this becomes a really urgent issue, but I'd like to start thinking about it now, and find a reasonably good solution before it blows up in someone else's face.

I'm fairly sure any solution to this problem is going to be at best remedial. There is no such thing as perfect security, only degrees of it, and the most I can hope for is that ordinary users not be a hazard.


Tags: bugs design security templates themes


comments powered by Disqus