Open pallix opened 8 years ago
The root problem is the software architecture. The websocket server is an external service without authentication/authorization and not part of the pyramid backend. With this setup Its not possible to prevent information leaks for things that rely on the permission system.
While analysing potential security problems wrt. anonymity/pseudonymity, the following came to my mind:
Websockets can be used to be notified of the creation/change/removal of resources. Subscription can be done on any resources by the user, there is no permission check. The content of the resource is not sent, only the path.
This could be use to: