Solved

SharePoint 2013 Security Question

Posted on 2014-01-24
2
485 Views
Last Modified: 2014-01-24
SharePoint 365 (SharePoint 2013)

When I am on a subsite under the root site, if I use the share feature and add a user, it looks like this automatically changes the root site users and permissions as well if I do not go to the site settings for the subsite and tell it to stop inheriting permissions. Is it true that someone can actually change the users and permissions when on a substite for multiple other sites or the global users and groups, if that site inherits permissions from the parent? I thought it used to be that one had to explicitly break permissions with the parent first before any changes could be made. Now, it looks like someone can be effecting more permissions than just the subsite without even knowing it. Is this true? If so, this would be really bad.
0
Comment
Question by:BobHavertyComh
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 38

Accepted Solution

by:
Justin Smith earned 500 total points
ID: 39806697
If you are sharing a subsite that is inheriting permissions, yes, it will adjust the permissions on the site it is inheriting from.  And yes, this would affect any other subsite that is inheriting from the same site.
0
 
LVL 9

Author Comment

by:BobHavertyComh
ID: 39806823
The problem I have is that someone could think they are adding a user or group to the particular site they are on when in fact they are entering this in many more spots than they think. In the case of 8 different subsites that inherit from the root site, if all 8 of them inherited from the root, someone could make a change to one subsite and effect all other subsites without realizing it. Very dangerous. I thought that it used to be in 2010 that you were forced to break permissions first, or forced to explicitly edit the parent on it's edit page, before changes like this could be made. Now power users have a share button that allows them to edit the parent settings from the child without any notice? So then every site should theoretically break permissions from the parent to prevent this? Doesn't this defeat the purpose of inheritance in many ways?
0

Featured Post

PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I used to be SharePoint evangelist in our company, so my Outlook always full of questions about how to do this, or where I can find that. One day I found such an email with the following question: "how to attach 3-State workflow (one of the workflow…
I thought I'd write this up for anyone who has a request to create an anonymous whistle-blower-type submission form created using SharePoint 2010 (this would probably work the same for 2013). It's not 100% fool-proof but it's as close as you can get…
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question