Closed GoogleCodeExporter closed 9 years ago
I think users should download documents for their personal use to their
computers,
thus there is no need to implement a personal whiteboard.
As for whiteboard updates, I believe uploads or deleting of files should be
managed
by the same security scheme, as whiteboard drawings.
Original comment by alexei.f...@gmail.com
on 9 Jun 2009 at 4:29
Hi,
OK, In my comment I speak about another problem....
Moderator and simple user could import and dowload files, that's great.
BUT simple user could DELETE files too, I think it's a very important problem.
Moderator prepares his conference and "hop", simple user delete all files...not
really good...
What do you think about this ?
Bidab
Original comment by ivan.bol...@gmail.com
on 12 Jun 2009 at 8:55
Ivan,
All,
I believe, Openmetings is targeted to a friendly auditorium. In 99% of the
meetings
occurred all participants respect each other and won't be doing such wicked
things
like intentional file deletion, shouting at the microphone etc.
If another user has deleted some document by mistake, it's not a problem. The
origin
of the document is in speaker's computer, so he/she can upload it again.
Once more, the Openmeetings is now for friendly environment. You're absolutely
right
that it lack for defense against aggressive environment. I think, we should
talk over
the further development in the security direction.
I see a number of things that should be improved:
- Any user can delete any file from the server
- Any user can disturb all other users, transmit a noise etc., a moderator
cannot
even mute him
- Only an administrator can kick off users, but a moderator is not obligatory
an
administrator
- Any user can login as many times as he wants using just one account
- A registration process doesn't support any kind of defence against bot
registrations
- The same concerning authorization
- Anyone can send spam using invitations and meeting schedule. All the letters
will
be sent by OM server
- If a user changes a resolution of his own image and presses "Reload", the
traffic
increases. So this is the way to go the server down. If several users increase
a
resolution of all the windows (their own as well as other participant's), the
traffic
(both ingoing and outgoing for server) increases dramatically.
- No check for the real server bandwidth. If a traffic overcomes the bandwidth,
a lag
makes the OM useless.
- Everyone can make a lot of spots during the presentations. Though they
disappear
quickly, 10-20 or even 30 spots can really disturb everyone.
- Though it not the business of OM server, banning by IP from inside the OM may
be
useful
I guess one can add more OM security holes to this list. So I encourage
everybody
enrich the list on (and fix the problems).
Original comment by e.rovin...@gmail.com
on 13 Jun 2009 at 11:14
I think we can close this.
There is now a 3. Roomtype called restriced where users cannot see or upload any
document.
Original comment by seba.wag...@gmail.com
on 17 Nov 2009 at 8:50
Original issue reported on code.google.com by
ivan.bol...@gmail.com
on 20 May 2009 at 7:59