[geeklog-devel] Circular group references
vmf at abtech.org
Sat May 17 21:30:04 EDT 2003
Dirk Haun wrote:
>Here's an interesting case I had:
>Someone wasn't able to log into his site any more. Geeklog went from
>index.php to users.php and then seemed to sit there forever.
>As it turned out, he had set up a circular group reference, i.e. group A
>was assigned to group B and group B to group A. So when someone who was
>in one of those groups tried to log in, Geeklog went into an endless loop.
>The funny thing is that using Vincent's speed improvements in lib-
>security.php enables you to log into such a site nonetheless. So
>replacing lib-security.php with the version from CVS is one way to
>resolve these problems.
In case anyone is curious, the reason my speed improvement doesn't get
caught in this loops is because as it creates the list of membership
groups, it checks to see if a group has already been added to the list
of groups, and if so, ignores it.
I don't think there is any reason we necessarily need to restrict
circular group assignments, besides geeklog-1.3.7's logon problems
(which will be fixed in the next release by my lib-security speed
improvements) it really doesn't hurt anything.
>However, Geeklog shouldn't let you set up such dependencies in the first
>place. Avoiding that, though, seems to be an interesting challenge ...
More information about the geeklog-devel