You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently, if you delegate and specify users who can decrypt, Red October will only allow those users to make successful decryptions for secrets in the bailiwick of the delegation. However, if you specify an empty users string, Red October abdicates any checking of the user calling decrypt. This nonlinear behavior is not expected, and should be fixed. The ability for anyone to decrypt should be preserved as its own option and should be controlled by metadata on delegation state instead of by overloading the users list.
The text was updated successfully, but these errors were encountered:
APTy
linked a pull request
Apr 13, 2016
that will
close
this issue
Currently, if you delegate and specify users who can decrypt, Red October will only allow those users to make successful decryptions for secrets in the bailiwick of the delegation. However, if you specify an empty users string, Red October abdicates any checking of the user calling decrypt. This nonlinear behavior is not expected, and should be fixed. The ability for anyone to decrypt should be preserved as its own option and should be controlled by metadata on delegation state instead of by overloading the users list.
The text was updated successfully, but these errors were encountered: