Just found a nasty security flaw

[hbrendel]

Since the beginning I'm hiding the status area in all of my solutions. All the functionality that is needed is built in the interface.

 

I just found out that on Mac one can simply right-click the title bar and choose 'Customize Toolbar...' And voilà: the status bar appears... and it's going to stay.

 

I don't know if it's been like that in earlier versions. I suspect that it is. Probably it's an OS thing, so I doubt that FMI can fix this.

 

Now I need to revise all my solutions to add the script step 'Hide Toolbars' to all relevant scripts. I also have to empty the layout menu.

 

Don't know how it is on Windows...

 

[liltbrockie]

Right clicking the title bar does nothing in windows.

[hbrendel]

What is the default action for customizing toolbars in Windows?

[liltbrockie]

What is the default action for customizing toolbars in Windows?

 

Not sure what you mean

[Ocean West]

I submitted a bug report to FileMaker - i haven't tested yet but what permission level access does the users have also you may try to deployed custom menus - these in the short term may lessen the unintended impact.

[jbante]

This is why the standard best practice is to handle security using FileMaker's security features, with user interface controls only playing a supporting role. Short of best practices, custom menus mitigate the amount of damage users can do with this. (After all, if you weren't using custom menus already, showing the toolbar doesn't really expand what users can do, only the discoverability of what they can do.)

[comment]

It may well be a flaw. But it is not a security flaw.

[Steven H. Blackwell]

The toolbars may be exposed but they can be rendered essentially inert via the settings in the Privilege Set.  This is one of the reasons that the default setting for a new Privilege Set is "Minimum" menu availability.

 

The UI is not part of the security schema.

 

Perhaps I can say more at a later time.  Headed out the door to a conference now.

 

Steven

[hbrendel]

I admit it's not a security flaw. Now I have emptied the layout dropdown in all my solutions, and the rest was already disabled by clever custom menus.

 

But it is a pain in the xxx. At the bottom 25 pts of the layout area disappears. Essential buttons could be placed there. The window could have the zooming option disabled. Hours of meticulous designing are wasted.

 

Maybe I'm exaggerating, but I consider this a seriuous bug.

[Steven H. Blackwell]

I understand your frustration and aggravation.  However, the UI is not part of the security schema.

 

Just because there is no Print menu item does not mean I cannot print a record.

 

Just because there is no New Record menu item does not mean I cannot create a new record.

 

Just because there is no Delete Record menu item does not mean I cannot delete a record.

 

All these elements and many others as well are controlled by the privilege bit settings in the Privilege Set.  Some apply only to the file in which they are defined, e.g. Print.  Others apply across files in a solution, e.g. edit records.

 

Steven