Loading...

XML

Word

Printable

JSON

Type: Improvement
Resolution: Done
Priority: Major - P3
Fix Version/s: None
Affects Version/s: 2.6.0-rc1
Component/s: Security
Labels:
None

CAR Domain/s:
None

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name(s):
None
Goal Link:
None

Currently the eval command require all available permissions in order to run. It would be better to only require permissions for the actual operations that is performed by the enclosed script.

This is currently prevented by the way we parse and execute Javascript so it is a non-trivial problem to solve.

Assignee:: DO NOT USE - Backlog - Platform Team
Reporter:: Andreas Nilsson (Inactive)
Participants:: Andreas Nilsson, DO NOT USE - Backlog - Platform Team, Hugues Lismonde, Sara Williamson
Votes:: 1 Vote for this issue
Watchers:: 5 Start watching this issue

Created:: Mar 17 2014 09:35:02 PM UTC
Updated:: Sep 10 2018 05:42:49 PM UTC
Resolved:: Sep 10 2018 05:42:49 PM UTC

Details

Description

Attachments

Activity

People

Dates