Sharepoint Forum

Ask Question   UnAnswered
Home » Forum » Sharepoint       RSS Feeds

Security issue Sharepoint

  Asked By: Perry    Date: Oct 18    Category: Sharepoint    Views: 1571

We are facing major security problem in sharepoint.

By using Add net work place users are able to add a network place with sharepoint site as URL.they are able to modify the pages even they don’t have access.

For Ex : User had read access on one sharepoint form library. Through add net work place he can add network place and he is able to modify all the files in Forms Folder…

Are there any way to solve this security isse.?



1 Answer Found

Answer #1    Answered By: Larry Gonzales     Answered On: Oct 18

Interesting scenario, on the surface it sounds like the Sharepoint site  is
accessable by everyone within your organization. You can restrict access  to
a specific area/subsite/workdspace/folder/list within SharePoint by going to
the specific part of your site and changing that portions 'Modify settings'
and 'Change permissions'. What you are likely to see is that the permissions
are set to allow the roles of Reader, Contributor and Web Designer to
perform actions on that section. To demonstrate restricting permissions
create a new list , then go to that list and add  your domain account and
give yourself Reader only role. Remove the three roles that area already
there (you will need Site Admin privs to do this).

Now go to a coworkers browser who is already logged on to their PC and
browse to that specific list, that user  should no longer be able to view
that area (you may have to refresh the web browser).

This demonstrates how granular SharePoint security  is, there is often a
critique that SharePoint can't secure individual items like documents, the
workaround is to create a folder and place  the document folder.

As for your situation this is probably not teh answer as you provbably don't
want to have to secure individual lists.. it sounds to me like the Site
Settings/Permissions/Roles are set either to Anonymous or the IIS settings
are set to allow access to a wider audience than you want.

Didn't find what you were looking for? Find more on Security issue Sharepoint Or get search suggestion and latest updates.