/build/static/layout/Breadcrumb_cap_w.png

App-V 4.5 Permissions Bug

Just checking if anyone knows if this is by design or a serious bug in 4.5. I've been using softgrid since 3.0 and this is the first version I have found this.

For this example lets say I have a suite like MSOffice that has say 6 published icons, Excel, Word, PowerPoint, Outlook, Access, and PictureManager. If I give a user access to Word and refresh the user Word now shows up on their desktop and they can run it. Everything works fine so far, right. So now I have a smart user. That user browses to the content share and clicks on OSD files to launch apps. That smart user who ONLY has access to Word through the Softgrid MMC can actually launch EVERY OSD file related to the MSOffice suite. This is a problem.

Anyone else experience this? Is this by design or a known bug?

Thanks for the help...

0 Comments   [ + ] Show comments

Answers (3)

Posted by: DannyC 15 years ago
Orange Belt
0
This is 'by design' I'm afraid..

You could apply permissions to the OSD's directly but that wouldn't stop your 'smart' user from modifying the OSD that he does have access toand launching another exe from within the same package.

In 4.5 you can apply ACL's to the files in the package to prevent this from happening as well but it's still not ideal.
Posted by: anonfoo 15 years ago
Senior Yellow Belt
0
Dang...that kinda sucks. Any idea why they did that? That was useful for a simple example if I package Office I dont want to have to have a seperate package for MSAccess and I dont want all users to have access to MSAccess but I do want all users to have access to Word, Excel, etc. If thats by design it's kinda stupid to have the access tab on the OSD publication, it should be on the package publication. We have a lot of apps that have the user GUI and the Admin GUI where we dont give users access to the Admin GUI (icon) this means when we move to 4.5 they will now have access to it :(
Posted by: kkaminsk 15 years ago
9th Degree Black Belt
0
What are your client settings? Make sure "require authorization even when cached" is turned on and users shouldn't be allowed to double click other OSDs in the package other than the ones they have rights to.
Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login

Share

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ