Solved

SharePoint 2013 Security Question

Posted on 2014-01-24
2
469 Views
Last Modified: 2014-01-24
SharePoint 365 (SharePoint 2013)

When I am on a subsite under the root site, if I use the share feature and add a user, it looks like this automatically changes the root site users and permissions as well if I do not go to the site settings for the subsite and tell it to stop inheriting permissions. Is it true that someone can actually change the users and permissions when on a substite for multiple other sites or the global users and groups, if that site inherits permissions from the parent? I thought it used to be that one had to explicitly break permissions with the parent first before any changes could be made. Now, it looks like someone can be effecting more permissions than just the subsite without even knowing it. Is this true? If so, this would be really bad.
0
Comment
Question by:BobHavertyComh
2 Comments
 
LVL 38

Accepted Solution

by:
Justin Smith earned 500 total points
ID: 39806697
If you are sharing a subsite that is inheriting permissions, yes, it will adjust the permissions on the site it is inheriting from.  And yes, this would affect any other subsite that is inheriting from the same site.
0
 
LVL 9

Author Comment

by:BobHavertyComh
ID: 39806823
The problem I have is that someone could think they are adding a user or group to the particular site they are on when in fact they are entering this in many more spots than they think. In the case of 8 different subsites that inherit from the root site, if all 8 of them inherited from the root, someone could make a change to one subsite and effect all other subsites without realizing it. Very dangerous. I thought that it used to be in 2010 that you were forced to break permissions first, or forced to explicitly edit the parent on it's edit page, before changes like this could be made. Now power users have a share button that allows them to edit the parent settings from the child without any notice? So then every site should theoretically break permissions from the parent to prevent this? Doesn't this defeat the purpose of inheritance in many ways?
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Move SharePoint data to a new server 3 53
query 01/01/1901 in a Sharepoint list 5 55
Intranet and Kerberos Authentication (not sharepoint!) 8 115
Sharepoint 2010 Audit Logs 11 78
I used to be SharePoint evangelist in our company, so my Outlook always full of questions about how to do this, or where I can find that. One day I found such an email with the following question: "how to attach 3-State workflow (one of the workflow…
The vision: A MegaMenu for a SharePoint portal home page The mission: Make it easy to maintain. Allow rich content and sub headers as well as standard links. Factor in frequent changes without involving developers or a lengthy Dev/Test/Prod rel…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
This is a video describing the growing solar energy use in Utah. This is a topic that greatly interests me and so I decided to produce a video about it.

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now