Dadong Zhou (e633f61d) at 27 Mar 14:25
Dadong Zhou (e633f61d) at 27 Mar 14:24
Update releasenotes.md
Dadong Zhou (0c4b72a5) at 27 Mar 14:21
Update releasenotes.md
Updated the default DataAuthz and Search policies to treat 'users.data.root' as super user.
Please see the requirements in osdu/platform/system/storage#220.
Dadong Zhou (256423c4) at 27 Mar 14:00
Updated to treat 'users.data.root' as super user
Dadong Zhou (85179719) at 27 Mar 13:03
created: osdu/platform/system/storage#222
From Fabrice HAÜY [SLB] on Slack:
Hi Team, I'm looking for some updated information / roadmap, as from our latest conversations at the OSDU F2F in London, I understood that currently, the policy engine only knowns about id, kind, legal tag, and acl, making it not possible to create policy entitlements based on the value of a property of the record. I'm looking for information surrounding this limitation and when it'll be unlocked. thank you in advance
Copied from Policy repo: osdu/platform/security-and-compliance/policy#95
Guess only input from storage service would be different.
Hi @deepapathak @hutchins @KellyZhou we can update the default forum policies (dataauthz and search policies) to put 'user.data.root' as the super user. Thanks.
Upgrading OPA to 0.62.1 CVE-2024-24783 (https://pkg.go.dev/vuln/GO-2024-2598).
See https://github.com/open-policy-agent/opa/releases/tag/v0.62.1
If you’re not doing TLS / arbitrary http.send, it might not apply to you to
Additionally CVE-2023-6246, CVE-2023-6779 may also be involved.