Hi,
I am facing ACL issue when i copy users Email file from server to local PC every user can open same mail file from lotus client.However default ACL and anonymous has no access.
What i seemed issue in Local ACL.When mail file on server its ACL working fine.When email file copy from server to local its ACl does not work.
How can i resolve this its really security threat to all users email files anyone can access them by locally coping them.
I have Domino server 8.5.3 on win srv2008
Please help me out
Subject: AcL is not working on local user nsf file (Lotus domino 8.5.3)
First of all, nobody should be able to copy another user’s mail file from the server, especially if, as you stated ‘When mail file on server its ACL working fine.’
If a user has a local replica of his/her own mail file, it should be locally encrypted, which would prevent someone else from opening/reading even if they had access to open it, which they should not.
Personally, i always use “Enforce a consistent access control list” - which should assist in ensuring the ACL is correct across all replicas - but of course the ‘copy’ function has an option to copy (or not copy) the Access Control list. So, you’d want to make sure that the ACL is copied if you’re creating local copies.
A tip from the Administrator help - ‘Configuring a database ACL’
(Optional) To prevent users whose access levels are Depositor or No Access from using the operating system to copy the database, encrypt the database with the server ID through the local Encryption option. This ensures that the database, even when copied, is illegible to anyone who doesn’t have access to the server ID.
Subject: RE: AcL is not working on local user nsf file (Lotus domino 8.5.3)
Hi,Thanks for reply,
When I copied any mail file from server through OS copying every lotus users can open it how i prevent this.
In our scenario we copied left users mail file from server to our local backup file server.My question is that when ever i copy (OS copy) mail from domino server to any location no one can open it without ACL.
I am talking about copying through OS not form Lotus notes.
Subject: RE: AcL is not working on local user nsf file (Lotus domino 8.5.3)
That’s one security hole right there - no-one should have access to the OS.
The Domino server’s drives should not be shared to any users, user’s should have no authority to access those drives at all.
Not only is is a security hole, but allowing direct access to Domino files can create locks on the server that can only be cleared by restarting the server, as well as 'unpredictable results.
See ‘Network Security’ page(s) in the Administrator guide, for starters:
"Physical network security is beyond the scope of this book, but you must set it up before you set up connection security. Physical network security prevents unauthorized users from breaking through the network and using one of the operating system’s native services – for example, file sharing – to access the server. "
Also see ‘Mapped directory links and Domino data security’ in the Administrator guide:
“To ensure data security, do not create a mapped directory link to a file server or shared Network Attached Storage (NAS) server for an IBM® Lotus® Domino® server. These links can cause both database corruption and security problems.”
Subject: Everything Mark is telling you is correct
DO NOT do what you are doing. Getting help, I think you’re probably heading towards corrupt files too where someone accesses the files on the server via a file share. Hire someone for a day that can advise you and knows what they are doing, or it’s going to cost you a lot more in security breaches and lost data.
Subject: RE: AcL is not working on local user nsf file (Lotus domino 8.5.3)
And as Mark already pointed out: ACLs never work on databases accessed locally from the Notes client, UNLESS the option “Enforce consistent ACL” is set. This is by very design and neither a problem nor a security hole.
If you as a system administrator are copying mail files on the OS level for backup purposes, it is your responsibility that only entitled persons have access to the backup location.