permissions

问题 I want to read Contacts via Contacts Picker like this: Intent contactPickerIntent = new Intent(Intent.ACTION_PICK, Contacts.CONTENT_URI); startActivityForResult(contact, CONTACT_PICK_CODE); If I get the Result, the intent.getData() contains an uri to lookup the Contact, but I need the permission READ_CONTACTS to to read it. I thought it may be possible to recieve a Contact without this permission, similar to the CALL permission: If I want to make a call directly, I need it, but without it I

问题 I'm getting the following error when calling a stored procedure: Cannot find the object "XXX" because it does not exist or you do not have permission. I've checked the database and the SP is there with the correct permissions yet I'm still getting the error. Any suggestions? 回答1: I discovered that I had left off the "GO" word after "END" in my stored proc. Altering the Proc and adding back GO fixed this issue for me. 回答2: Ok, here's what happened. There was a special character before the end

问题 Our website was hacked due the fact a folder had 777 permissions which means people can upload files there and run scripts remotely. However, the folder needs to be 777 as the site got a client feature to crop images, and need to save the cropped images there. How can I secure this folder and prevent hacking? Please show me how to do this? Thanks a lot! 回答1: I would reconsider your design. You should restrict the client to reading and executing (but not writing to) a script that you have

问题 I am currently trying to develop an image uploading website by using CodeIgniter. The thing is, I came across an issue today and I would really appreciate any kind of help in order to solve it. So basically, the site is working. But the thing is, that the files are not private. A user may want to ensure that the files the users upload are only visible by them, and not by someone who just guesses a bunch of urls. (eg. user1 uploads image1 which he wants to keep private, for himself =>

问题 I have a method A which might look like following: public double A{ if (secM == null) { secM = new SecurityManager(); System.setSecurityManager(secM); } //do something and return a double } The problem is that once the SecurityManager is set, it is for the entire project, but I only need it to be for the class this method is in. How can I tell the SecurityManager to only verify the permissions for this method/class? 回答1: What actions do you want the SecurityManager to prevent, and which do

问题 I'm writing an application that is used to search through folders for their permissions and return details such as Rights (eg Full Control, Read), AccessControlType (eg Allow, Deny) and Apply To information (eg This folder, subfolders and files). Most of this information I am able to obtain using DirectoryInfo's GetAccessControl(DirectorySecurity) method. However, I can't accurately obtain the directory's Apply To information. After much research I came across this StackOverflow Q&A How to

问题 I am trying to use Gitolite + Gitweb but I am running into some problems.. My conf/gitolite.conf is the following @dataset_repos = dat1 dat2 @closedsrc_repos = cod1 cod2 @opensrc_repos = testing @admins = user1 user2 @bios = user1 user2 user3 @coders = user1 user3 repo gitolite-admin RW+ = @admins repo @opensrc_repos RW+ = @all repo @dataset_repos RW+ = @admins @bios repo @closedsrc_repos RW+ = @admins @coders When I first inserted repository code1 and code2, git told me: remote: Initialized

问题 I am trying to use Gitolite + Gitweb but I am running into some problems.. My conf/gitolite.conf is the following @dataset_repos = dat1 dat2 @closedsrc_repos = cod1 cod2 @opensrc_repos = testing @admins = user1 user2 @bios = user1 user2 user3 @coders = user1 user3 repo gitolite-admin RW+ = @admins repo @opensrc_repos RW+ = @all repo @dataset_repos RW+ = @admins @bios repo @closedsrc_repos RW+ = @admins @coders When I first inserted repository code1 and code2, git told me: remote: Initialized

问题 Using the SQL Server Reporting Services Web Service , how can I determine the permissions of a particular domain user for a particular report? The user in question is not the user that is accessing the Web Service. I am accessing the Web Service using a domain service account (lets say MYDOMAIN\SSRSAdmin ) that has full permissions in SSRS . I would like to programmatically find the permissions of a domain user (lets say MYDOMAIN\JimBob ) for a particular report. The GetPermissions() method

问题 How do I figure out the role(s) of a user in a site using the webservices API? All I have to go on is the username and domain. I've found that the PermissionsService.Permissions.GetPermissionCollection(url,"Web") will return a collection of permitted users and groups with their permissions masks but I still need to figure out if the user is in any of the groups and then convert the permissions masks into a roles collection. I feel like there's a better way to do this and I'm just missing it.