FORUM PLAN UPDATE: Date revision: This forum will remain open to new posts and responses until December 1, 2018. (After that date, you will still be able to view and search the forum.) Also, we're taking a second look at the best place to host future conversation. For now, keep using this forum, and stay tuned for more news.
RE: AcL is not working on local user nsf file (Lotus domino 8.5.3) Mark Taylor 27.Jul.18 08:24 AM a Web browser Domino Server All ReleasesAll Platforms
That's one security hole right there - no-one should have access to the OS.
The Domino server's drives should not be shared to any users, user's should have no authority to access those drives at all.
Not only is is a security hole, but allowing direct access to Domino files can create locks on the server that can only be cleared by restarting the server, as well as 'unpredictable results.
See 'Network Security' page(s) in the Administrator guide, for starters:
"Physical network security is beyond the scope of this book, but you must set it up before you set up connection security. Physical network security prevents unauthorized users from breaking through the network and using one of the operating system's native services -- for example, file sharing -- to access the server. "
Also see 'Mapped directory links and Domino data security' in the Administrator guide:
"To ensure data security, do not create a mapped directory link to a file server or shared Network Attached Storage (NAS) server for an IBM® Lotus® Domino® server. These links can cause both database corruption and security problems."