|
|
|
At the New Zealand Moodle Moot, Martin demonstrated a way to publish grades using a special URL which contains a secret key encoded in it. Giving the URL to other people gives them access to the grades.
Since grades are quite sensitive, it becomes a security problem when they are exposed accidently to third parties.
Here are two scenarios where this URL could become public:
1- The user bookmarks it and is using a community bookmarking system like del.icio.us Other users of that system may now find it, but Google can also index it.
2- Windows users sometime have "download accelerators" which report to a central server what URLs people are downloading. There have been cases where these URLs are then shared with the public, for example in "top 10" lists or "current downloads".
Therefore, I think the potential for users unknowingly sharing their grades is real.
One way, this could be mitigated is to split this into two pieces of information:
- a secret key
- a page where the user goes and where they need to enter the secret key and press submit.
|
|
Description
|
At the New Zealand Moodle Moot, Martin demonstrated a way to publish grades using a special URL which contains a secret key encoded in it. Giving the URL to other people gives them access to the grades.
Since grades are quite sensitive, it becomes a security problem when they are exposed accidently to third parties.
Here are two scenarios where this URL could become public:
1- The user bookmarks it and is using a community bookmarking system like del.icio.us Other users of that system may now find it, but Google can also index it.
2- Windows users sometime have "download accelerators" which report to a central server what URLs people are downloading. There have been cases where these URLs are then shared with the public, for example in "top 10" lists or "current downloads".
Therefore, I think the potential for users unknowingly sharing their grades is real.
One way, this could be mitigated is to split this into two pieces of information:
- a secret key
- a page where the user goes and where they need to enter the secret key and press submit. |
Show » |
committed 27 files to 'Moodle CVS' - 27/Sep/07 02:51 PM
MDL-11451 grade publishing security/privacy improved - new capabilities needed for publishing, by default allowed only for admins; added warning to publishing option
|
|
|
committed 5 files to 'Moodle CVS' - 27/Sep/07 02:56 PM
committed 2 files to 'Moodle CVS' - 27/Sep/07 03:06 PM
MDL-11451 adding default ipaddress restriction and 7 days lifetime for user key
|
|
|
committed 6 files to 'Lang CVS' - 28/Sep/07 12:13 AM
Translated new strings for grade publishing MDL-11451.
|
|
|
committed 1 file to 'Lang CVS' - 28/Sep/07 01:23 AM
Updated a translated string for grade publishing based on lang/en_utf8 change MDL-11451.
|
|
|
martignoni committed 1 file to 'Lang CVS' - 29/Sep/07 04:30 AM
MDL-11451 grade publishing security/privacy improved, first part
|
|
|
martignoni committed 5 files to 'Lang CVS' - 29/Sep/07 08:38 PM
MDL-11451 grade publishing security/privacy improved - new capabilities needed for publishing, second part
|
|
|
martignoni committed 1 file to 'Lang CVS' - 29/Sep/07 09:02 PM
MDL-11451 grade publishing security/privacy improved - new capabilities needed for publishing (end)
|
|
|
|
Bug
Resolved
Minor
Exporting grades with a key may accidently publish the URL
