This project is read-only.

Sharepoint Security Easily bypassed.

Oct 21, 2010 at 9:20 AM
Edited Oct 21, 2010 at 9:23 AM

Hello All,

has anyone any ideas on how to close the security loophole that allows the end user to bypass the sharepoint security. This can be acheived by carrying out the following:

Navigate to 'Podcasts' page.

Select any of the videos to play.

Right click on download and select 'Properties'.

Copy the URL and paste it into another browser session.

Trim off the last bit of the URL - it will be something like '?=&mode=Play-Download'.

Press 'Return'.

 

It looks like what happens here is that the IIS and file level security takes over and Sharepoint access policies are ignored. Maybe I have missed something during instalation.

Hope to hears from others who may have the same concerns.

Thanks in advance,

Steve

Oct 21, 2010 at 9:23 AM
Edited Oct 21, 2010 at 9:25 AM

Edited prev post to remove spelling mistakes

Oct 21, 2010 at 9:38 AM

Hi Criss,

It is not security by pass, it is due to security settings of your IE browser. IE Browser is taking your current windows log in to log in into site.

you can verify this by changing the security settings for the zone in which this site is opening, you can change user authentication log on to "Prompt for user name and password" and then try it out, IE browser will ask you for password every time you restart browser and access site.

Also about parameter at the end of the file url, it is tracking parameter to track from which page file is downloaded was file played or normal download or downloaded using RSS etc.

 

Hope this helps

Oct 21, 2010 at 9:48 AM

Wow that was a quick response and thanks for that. When you say to change the user authentication, where do you mean - inside Sharepoint or on IIS?

Oct 21, 2010 at 9:55 AM

In IE browser settings. Tools->Internet Options-> Security(tab), do the settings under appropriate zone in which your site is opened by IE browser.

Oct 26, 2010 at 1:44 PM
Edited Oct 26, 2010 at 1:45 PM

Thanks for the input J.

I misunderstood a few things. What is happening I think is firstly when you go to the trimmed url, MOSS will prompt you for a username and password like you would hope for.

After that if you have the ACLs wide open on the file, you can play it. Closing down the ACLs on the files/directory just to the 'ap pool id' will cause you to be prompted by

IIS for username and password.

 

Cheers

Steve