SharePoint 安全机制与模式想法-CSDN社区

baidu_23435229 2014-11-18

打赏
举报

做任务

love小贝壳 2014-11-11

打赏
举报

用过感觉还是不错的

Justin-Liu 2014-11-10

打赏
举报

引用 23 楼 micropentium6 的回复:

[quote=引用 21 楼 FoxDave 的回复:] [quote=引用 20 楼 micropentium6 的回复:] [quote=引用 19 楼 FoxDave 的回复:] [quote=引用 18 楼 micropentium6 的回复:] [quote=引用 17 楼 FoxDave 的回复:] [quote=引用 12 楼 micropentium6 的回复:] [quote=引用 7 楼 FoxDave 的回复:] 是啊，昨天你发完我还跟宇哥唠了呢，安全性确实没关注过，因为它看起来很安全了啊

how about those webparts, the customization...[/quote] which aspect do you mean?[/quote] I know nothing about sharepoint, but I heard that the client is allowed to customize sharepoint by providing webparts or other means, I assume. Then these extra components could potentially introduce vulnerability that otherwise could not be exposed. I left my comment at the first place because it would be too naïve to make the statement like "它看起来很安全了啊". I can't argue with you actually coz as I said, I know nothing about SP...but I am not surprised to see there are malwares out there that specifically target on SP...[/quote] Hi thank you for your comment. It may be native but it is the fact that it is. The webparts you mentioned, I guess, may be some components for outer system? It is nearly nothing to do with SP. And, normal way to add a webpart is to put it in a solution. There are two SP solutions types: Sandbox and Farm. Sandbox solution will surely not affect SP and with lower permission. Farm solution need admin permission and will be considered deeply before deployment. So we can treat them as safe. If the SP is truely used, we can believe it is safe, not including fake SP using. Or I may misunderstand your meaning, please take some specific case for example. For some unsafe part, check this I posted it above.[/quote] thank you for ur timely reply! I will take a look! So SP never ever released any security patch?[/quote] Thank you for the discussing which increase the popularity. In my kowledge, there are some Service Pack for SP for all the versions, most of which are feature bug fix and new feature deployment. Maybe not correct. If you do not focus on SP, I don't suggest you to look into it. [/quote] well, I thought SP is popular, isn't it? :) anyway, I am just a regular SP user. The department I run is not in charge of our SP. I have some general interests on SP in case I may have to take over the team that administrate SP...[/quote] I don't think is very popular haha But it is true good for foreign companies. SP administration is also very useful skill, go ahead.

小笨和漂向北方 2014-11-10

打赏
举报

引用 21 楼 FoxDave 的回复:

[quote=引用 20 楼 micropentium6 的回复:] [quote=引用 19 楼 FoxDave 的回复:] [quote=引用 18 楼 micropentium6 的回复:] [quote=引用 17 楼 FoxDave 的回复:] [quote=引用 12 楼 micropentium6 的回复:] [quote=引用 7 楼 FoxDave 的回复:] 是啊，昨天你发完我还跟宇哥唠了呢，安全性确实没关注过，因为它看起来很安全了啊

how about those webparts, the customization...[/quote] which aspect do you mean?[/quote] I know nothing about sharepoint, but I heard that the client is allowed to customize sharepoint by providing webparts or other means, I assume. Then these extra components could potentially introduce vulnerability that otherwise could not be exposed. I left my comment at the first place because it would be too naïve to make the statement like "它看起来很安全了啊". I can't argue with you actually coz as I said, I know nothing about SP...but I am not surprised to see there are malwares out there that specifically target on SP...[/quote] Hi thank you for your comment. It may be native but it is the fact that it is. The webparts you mentioned, I guess, may be some components for outer system? It is nearly nothing to do with SP. And, normal way to add a webpart is to put it in a solution. There are two SP solutions types: Sandbox and Farm. Sandbox solution will surely not affect SP and with lower permission. Farm solution need admin permission and will be considered deeply before deployment. So we can treat them as safe. If the SP is truely used, we can believe it is safe, not including fake SP using. Or I may misunderstand your meaning, please take some specific case for example. For some unsafe part, check this I posted it above.[/quote] thank you for ur timely reply! I will take a look! So SP never ever released any security patch?[/quote] Thank you for the discussing which increase the popularity. In my kowledge, there are some Service Pack for SP for all the versions, most of which are feature bug fix and new feature deployment. Maybe not correct. If you do not focus on SP, I don't suggest you to look into it. [/quote] well, I thought SP is popular, isn't it? :) anyway, I am just a regular SP user. The department I run is not in charge of our SP. I have some general interests on SP in case I may have to take over the team that administrate SP...

Justin-Liu 2014-11-10

打赏
举报

引用 20 楼 micropentium6 的回复:

[quote=引用 19 楼 FoxDave 的回复:] [quote=引用 18 楼 micropentium6 的回复:] [quote=引用 17 楼 FoxDave 的回复:] [quote=引用 12 楼 micropentium6 的回复:] [quote=引用 7 楼 FoxDave 的回复:] 是啊，昨天你发完我还跟宇哥唠了呢，安全性确实没关注过，因为它看起来很安全了啊

how about those webparts, the customization...[/quote] which aspect do you mean?[/quote] I know nothing about sharepoint, but I heard that the client is allowed to customize sharepoint by providing webparts or other means, I assume. Then these extra components could potentially introduce vulnerability that otherwise could not be exposed. I left my comment at the first place because it would be too naïve to make the statement like "它看起来很安全了啊". I can't argue with you actually coz as I said, I know nothing about SP...but I am not surprised to see there are malwares out there that specifically target on SP...[/quote] Hi thank you for your comment. It may be native but it is the fact that it is. The webparts you mentioned, I guess, may be some components for outer system? It is nearly nothing to do with SP. And, normal way to add a webpart is to put it in a solution. There are two SP solutions types: Sandbox and Farm. Sandbox solution will surely not affect SP and with lower permission. Farm solution need admin permission and will be considered deeply before deployment. So we can treat them as safe. If the SP is truely used, we can believe it is safe, not including fake SP using. Or I may misunderstand your meaning, please take some specific case for example. For some unsafe part, check this I posted it above.[/quote] thank you for ur timely reply! I will take a look! So SP never ever released any security patch?[/quote] Thank you for the discussing which increase the popularity. In my kowledge, there are some Service Pack for SP for all the versions, most of which are feature bug fix and new feature deployment. Maybe not correct. If you do not focus on SP, I don't suggest you to look into it.

小笨和漂向北方 2014-11-10

打赏
举报

引用 19 楼 FoxDave 的回复:

[quote=引用 18 楼 micropentium6 的回复:] [quote=引用 17 楼 FoxDave 的回复:] [quote=引用 12 楼 micropentium6 的回复:] [quote=引用 7 楼 FoxDave 的回复:] 是啊，昨天你发完我还跟宇哥唠了呢，安全性确实没关注过，因为它看起来很安全了啊

how about those webparts, the customization...[/quote] which aspect do you mean?[/quote] I know nothing about sharepoint, but I heard that the client is allowed to customize sharepoint by providing webparts or other means, I assume. Then these extra components could potentially introduce vulnerability that otherwise could not be exposed. I left my comment at the first place because it would be too naïve to make the statement like "它看起来很安全了啊". I can't argue with you actually coz as I said, I know nothing about SP...but I am not surprised to see there are malwares out there that specifically target on SP...[/quote] Hi thank you for your comment. It may be native but it is the fact that it is. The webparts you mentioned, I guess, may be some components for outer system? It is nearly nothing to do with SP. And, normal way to add a webpart is to put it in a solution. There are two SP solutions types: Sandbox and Farm. Sandbox solution will surely not affect SP and with lower permission. Farm solution need admin permission and will be considered deeply before deployment. So we can treat them as safe. If the SP is truely used, we can believe it is safe, not including fake SP using. Or I may misunderstand your meaning, please take some specific case for example. For some unsafe part, check this I posted it above.[/quote] thank you for ur timely reply! I will take a look! So SP never ever released any security patch?

Justin-Liu 2014-11-10

打赏
举报

引用 18 楼 micropentium6 的回复:

[quote=引用 17 楼 FoxDave 的回复:] [quote=引用 12 楼 micropentium6 的回复:] [quote=引用 7 楼 FoxDave 的回复:] 是啊，昨天你发完我还跟宇哥唠了呢，安全性确实没关注过，因为它看起来很安全了啊

how about those webparts, the customization...[/quote] which aspect do you mean?[/quote] I know nothing about sharepoint, but I heard that the client is allowed to customize sharepoint by providing webparts or other means, I assume. Then these extra components could potentially introduce vulnerability that otherwise could not be exposed. I left my comment at the first place because it would be too naïve to make the statement like "它看起来很安全了啊". I can't argue with you actually coz as I said, I know nothing about SP...but I am not surprised to see there are malwares out there that specifically target on SP...[/quote] Hi thank you for your comment. It may be native but it is the fact that it is. The webparts you mentioned, I guess, may be some components for outer system? It is nearly nothing to do with SP. And, normal way to add a webpart is to put it in a solution. There are two SP solutions types: Sandbox and Farm. Sandbox solution will surely not affect SP and with lower permission. Farm solution need admin permission and will be considered deeply before deployment. So we can treat them as safe. If the SP is truely used, we can believe it is safe, not including fake SP using. Or I may misunderstand your meaning, please take some specific case for example. For some unsafe part, check this I posted it above.

小笨和漂向北方 2014-11-10

打赏
举报

引用 17 楼 FoxDave 的回复:

[quote=引用 12 楼 micropentium6 的回复:] [quote=引用 7 楼 FoxDave 的回复:] 是啊，昨天你发完我还跟宇哥唠了呢，安全性确实没关注过，因为它看起来很安全了啊

how about those webparts, the customization...[/quote] which aspect do you mean?[/quote] I know nothing about sharepoint, but I heard that the client is allowed to customize sharepoint by providing webparts or other means, I assume. Then these extra components could potentially introduce vulnerability that otherwise could not be exposed. I left my comment at the first place because it would be too naïve to make the statement like "它看起来很安全了啊". I can't argue with you actually coz as I said, I know nothing about SP...but I am not surprised to see there are malwares out there that specifically target on SP...

Justin-Liu 2014-11-10

打赏
举报

引用 12 楼 micropentium6 的回复:

[quote=引用 7 楼 FoxDave 的回复:] 是啊，昨天你发完我还跟宇哥唠了呢，安全性确实没关注过，因为它看起来很安全了啊

how about those webparts, the customization...[/quote] which aspect do you mean?

nettman 2014-11-08

打赏
举报

进来学习下

xidulanqiao 2014-11-08

打赏
举报

微软的SharePoint很久以前就已经开始给用户提供了BI(business intelligence) 的功能，但是通常需要引入一堆杂七杂八的技术才能适应微软的模型，外观和感觉，然后你还需要像“科学怪人”那样把它们拼起来。SharePoint 2010改变了这种情况，把BI带到了一个新的高度。 BI(business intelligence) 背后的主要理念是（为了避免成为BS）：你每天，每小时，甚至每秒都应该收集数据，并且你需要做的不仅仅只是监控或记录那些数据那么简单。你需要分析这些数据，而且，你需要分享这些数据，今天，就必需有人对这些数据负责——而不是三个月以后，那时这些信息都对你的公司而言，也许已经没有任何价值了。

xidulanqiao 2014-11-08

打赏
举报

sharepoint是在安全上服务器层

小笨和漂向北方 2014-11-07

打赏
举报

引用 7 楼 FoxDave 的回复:

是啊，昨天你发完我还跟宇哥唠了呢，安全性确实没关注过，因为它看起来很安全了啊

how about those webparts, the customization...

Justin-Liu 2014-11-07

打赏
举报

I found this

cattpon 2014-11-07

打赏
举报

怎么是外链？

段传涛 2014-11-06

打赏
举报

引用 8 楼 linyustar 的回复:

http://www.2cto.com/Article/201207/143924.html 很久以前收藏的一篇文章，不是很深入

这文章说的SP 是moss3.0 吧 10年的 SP 的功能。

Justin-Liu 2014-11-06

打赏
举报

是啊，昨天你发完我还跟宇哥唠了呢，安全性确实没关注过，因为它看起来很安全了啊

段传涛 2014-11-06

打赏
举报

引用 3 楼 linyustar 的回复:

感觉，sharepoint的安全更多在服务器层面，我们之前都是装硬件防火墙，服务器杀毒软件什么的；当然，好的管理才是安全的保障，定期备份、修改密码、操作记录什么的；出现问题也好排查，不过真的在项目里，非常少用。 sharepoint里很少出现sql注入、挂马什么的，至少未曾见到，不过对于安全，基本没在意，呵呵。

是的建立在其他设备或系统的安全基础上的。他的本身安全性的确看的不多。

段传涛 2014-11-06

打赏
举报

引用 2 楼 shrenk 的回复:

还有SharePoint使用managed account，管理一些重要的账户，自动定时修改密码。

你说的账户密码管理？

段传涛 2014-11-06

打赏
举报

引用 1 楼 FoxDave 的回复:

写得很清晰简洁了啊但是你参考的文章说的是sharepoint解决方案的安全性吧，并不是sharepoint自身的安全性

我是按照那个自己编写的。感觉没有写的不完全。

SharePoint 安全机制与模式 想法

SharePoint 安全机制与模式想法