[geeklog-devel] Circular group references
Vincent Furia
vmf at abtech.org
Sat May 17 21:30:04 EDT 2003
Dirk Haun wrote:
>Here's an interesting case I had:
>
>Someone wasn't able to log into his site any more. Geeklog went from
>index.php to users.php and then seemed to sit there forever.
>
>As it turned out, he had set up a circular group reference, i.e. group A
>was assigned to group B and group B to group A. So when someone who was
>in one of those groups tried to log in, Geeklog went into an endless loop.
>
>The funny thing is that using Vincent's speed improvements in lib-
>security.php enables you to log into such a site nonetheless. So
>replacing lib-security.php with the version from CVS is one way to
>resolve these problems.
>
In case anyone is curious, the reason my speed improvement doesn't get
caught in this loops is because as it creates the list of membership
groups, it checks to see if a group has already been added to the list
of groups, and if so, ignores it.
I don't think there is any reason we necessarily need to restrict
circular group assignments, besides geeklog-1.3.7's logon problems
(which will be fixed in the next release by my lib-security speed
improvements) it really doesn't hurt anything.
-Vinny
>
>However, Geeklog shouldn't let you set up such dependencies in the first
>place. Avoiding that, though, seems to be an interesting challenge ...
>Any takers?
>
>bye, Dirk
>
>
>
>
More information about the geeklog-devel
mailing list