Solved

SharePoint 2013 Security Question

Posted on 2014-01-24
2
482 Views
Last Modified: 2014-01-24
SharePoint 365 (SharePoint 2013)

When I am on a subsite under the root site, if I use the share feature and add a user, it looks like this automatically changes the root site users and permissions as well if I do not go to the site settings for the subsite and tell it to stop inheriting permissions. Is it true that someone can actually change the users and permissions when on a substite for multiple other sites or the global users and groups, if that site inherits permissions from the parent? I thought it used to be that one had to explicitly break permissions with the parent first before any changes could be made. Now, it looks like someone can be effecting more permissions than just the subsite without even knowing it. Is this true? If so, this would be really bad.
0
Comment
Question by:BobHavertyComh
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 38

Accepted Solution

by:
Justin Smith earned 500 total points
ID: 39806697
If you are sharing a subsite that is inheriting permissions, yes, it will adjust the permissions on the site it is inheriting from.  And yes, this would affect any other subsite that is inheriting from the same site.
0
 
LVL 9

Author Comment

by:BobHavertyComh
ID: 39806823
The problem I have is that someone could think they are adding a user or group to the particular site they are on when in fact they are entering this in many more spots than they think. In the case of 8 different subsites that inherit from the root site, if all 8 of them inherited from the root, someone could make a change to one subsite and effect all other subsites without realizing it. Very dangerous. I thought that it used to be in 2010 that you were forced to break permissions first, or forced to explicitly edit the parent on it's edit page, before changes like this could be made. Now power users have a share button that allows them to edit the parent settings from the child without any notice? So then every site should theoretically break permissions from the parent to prevent this? Doesn't this defeat the purpose of inheritance in many ways?
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SharePoint 2013 6 79
Sharepoint Max date with criteria 2 140
SharePoint 2013 Link to File on Network Drive Not Working 3 123
SharePoint 2013 List Content Type 3 44
If you create your solutions on SharePoint sooner or later you will come upon a request to set  permissions of the item depending on some of the item's meta-data - the author, people assigned as approvers, divisions, categories etc. The most natu…
I used to be SharePoint evangelist in our company, so my Outlook always full of questions about how to do this, or where I can find that. One day I found such an email with the following question: "how to attach 3-State workflow (one of the workflow…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question