To access any bit of data on a Domino server, a user has to get over these hurdles:
- Network or "KVM" access to the server
- KVM access means actual or virtual access to the server's keyboard, video, and mouse.
- Users with KVM access may be able to bypass some of the other security measures.
- Authenticate with the server
- Server ACLs (in the Server doc, under the Security tab)
- File System ACL if user has requested a file in the html directory.
- Directory Link ACL if the data is in a database that is in a linked folder
- Database ACL if the data is in a database
- Inside the database:
- View ACL (controls who can use a view)
- Form ACL (controls who can create documents with a form)
- Document access
- Section ACL (controls who can edit the fields in the section)
- $Readers field and fields of Readers or Authors data type
- $Readers and Readers fields control who can see/read a document
- Authors fields control who (having Author access in the database ACL) can edit the document
- Encrypted fields (user must have a decryption key to decrypt the data in the field)
No comments:
Post a Comment