Two security related questions

  1. I noticed that any service invoked through a trigger runs under Administrator. This appears to be an easy way to elevate ones priviliges and is therefore a security risk. Is there a way to secure this?

  2. I noticed that the wmPublic scheduling API allows any user (including the Default user) to create a schedule under any other userid including Administrator. Again this seems to be a very easy way to elevate ones priviliges. Is there a way to secure this?




q1: triggers are coded to run specific services. How would a unprivileged user elevate their privilege?

q2: The ‘add###Task’ built-in services have the Internal ACL. This is not accessible to anyone other than Developers/Administrators.

If you do have other security concerns, you can always post them to

q1: One possibility is an unprivileged user could publish the correct document to an unsecured Broker. But that’s a Broker deployment issue, not an IS security issue.

Manuel, are you using SSL for Broker?