SecurityPosture
Initial Build |
2006.01 or earlier |
Module |
Admin |
Current Setting Type |
Drop Down List |
Use this system option in the following situations.
- When you create a new Column through NetForum (not SQL) using the Create Column button, the SecurityPosture system option setting does the following:
- permissive—Give grant permissions to all groups in Group Column Privilege.
- restrictive—Give grant permissions only to the groups AvectraAdmin, netForumAdmin, netForumUser.
- When you add new Group Item Links manually or through NetForum’s Object Wizard , the SecurityPosture system option setting does the following:
- permissive—Give all groups access to the new links.
- restrictive—Give no groups access to the new links. You must use the Group Link Security tool to grant access.
The default for this option is permissive.
Important! Changing this system option is not recommended. But if you want this level of security, then you'll need to set this system option to restrictive. Although changing this setting will give you additional work, see the Limitations section.
Limitations
The stored procedures described in Table (add) do not consider this system option. If you are operating with the permissive value, then you're fine. If you are operating under the restrictive value, then you should run Populate Group Privileges in iWeb and choose Undefined.
If you have the restrictive setting chosen, then when you run the Upgrade Tool and push Group Link Security metadata, it could have the effect of granting more access than you want. If you don't want this to happen, then after running the Batch Upgrade step, you'll need to manually delete all the new rows by comparing your upgrade database to a pre-upgrade database. This can be very tedious, because then you'll need to carefully add in only the Group Link security records that you do want.
Tip: In practice, we find that very few of our clients use the restrictive setting. Instead, our clients tend to take the approach, "We'll start by giving access to everyone, and then take it back as needed."
Current Setting
The current setting for SecurityPosture is used as follows:
Values: This system option can be set to permissive or restrictive.
- permissive—Generally, allows access and permission to all groups, until you remove it manually. For situation-specific information, see above.
- restrictive—Generally, denies access and permission to all groups, until you grant it manually. For situation-specific information, see above.
Default Value: permissive
Important! Changing this system option is not recommended.
Fields
This system option includes the following fields:
Description: This field gives the description of the system option, including its use and default value.
Important! Do not modify the following fields after the system option is first created. Changing these fields after they have been used can invalidate existing data.
Category: This field sets the category (usually the module) where the system option is used.
Type: The Type field determines the display type of the Current setting field (check box, drop-down list, or text box).
Values: The values field indicates the allowed values for the Current setting field.
Availability
Each system option includes the following availability settings:
Entity Level Option?: Select this check box to make this system option available on an entity level.
Visible To External Systems?: Select this check box to make this system option available in xWeb.