USER AND SERVER CONFIGURATION
1. Domino checks the -Default- entry in the database access control list.
Tip: If you want to index file systems for which security is a high priority, you can attach the files to IBM® Lotus® Notes® client documents in a database selected for indexing.
Search security and server access lists
If you use server access lists within a domain to limit access to information, you might need to check the ACLs of databases on those servers to ensure that results are filtered. Otherwise, a search might return a result to a user who cannot access the result document. In some cases, users might be able to discern confidential information from a search result.
For example, the Acme corporation has two application servers, App-E/East/Acme and App-W/West/Acme. Acme users are certified with one of two organizational unit certifiers: /East/Acme or /West/Acme. App-E/East/Acme does not allow access to any user with a /West/Acme certificate. Databases on the server have the -Default- setting in their ACLs set to Reader to ensure that /West/Acme users cannot access those databases.
When Acme implements Domain Search, /West/Acme users who query Domain Search might receive search results that include links to and summaries of documents in databases on App-E/East/Acme, because the ACLs of those databases do not prohibit /West/Acme users from seeing those results. (On Microsoft® Windows® systems, document summaries are included in the search results if users select the Detailed Results option.) The server access lists continue to maintain database security in this environment, because /West/Acme users cannot access documents from those links, but the mere existence of links and summaries could reveal confidential information to the /West/Acme users.
To avoid this issue, check the ACLs for databases that are protected by server access lists to ensure that they are set to filter correctly. To do this, assume that the server access list does not exist. Change the ACL so that, in the absence of a server access list, the database would be secured appropriately. This ensures that when Domain Search checks the database ACL, it filters out results that users cannot access.
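The check described above can be modelled offline before any ACL is changed. The following Python is an added example, not IBM or Domino code: it evaluates each database ACL as if the server access list did not exist and reports databases where a user the server denies would still be shown search results. The ACL matching rule (exact name, then longest wildcard, then -Default-), the "deny" list representation, and all database and user names are assumptions constructed for illustration.

```python
# Simplified model of the audit described above; not Domino API code.
# Assumed ACL matching: exact name, then longest "*/OU/Org" wildcard, then -Default-.
LEVELS = ["No Access", "Depositor", "Reader", "Author", "Editor", "Designer", "Manager"]

def matches(pattern, name):
    """True if name equals the pattern or falls under a */OU/Org wildcard."""
    if pattern.startswith("*/"):
        return name.lower().endswith(pattern[1:].lower())
    return pattern.lower() == name.lower()

def acl_level(acl, name):
    """Access level the database ACL alone grants (server access list ignored)."""
    hits = [p for p in acl if p != "-Default-" and matches(p, name)]
    if hits:
        # Exact entries beat wildcards; among wildcards the longest suffix wins.
        best = max(hits, key=lambda p: (not p.startswith("*/"), len(p)))
        return acl[best]
    return acl.get("-Default-", "No Access")

def server_allows(deny_patterns, name):
    """Server access list modelled as a list of denied name patterns."""
    return not any(matches(p, name) for p in deny_patterns)

def leaking_databases(servers, users):
    """Return (server, database, user, level) where the server denies the user
    but the ACL alone would let Domain Search show that user results."""
    findings = []
    for server, cfg in servers.items():
        for user in users:
            if server_allows(cfg["deny"], user):
                continue  # user can reach the server; nothing to flag here
            for db, acl in cfg["databases"].items():
                level = acl_level(acl, user)
                if LEVELS.index(level) >= LEVELS.index("Reader"):
                    findings.append((server, db, user, level))
    return findings

# Constructed sample data based on the Acme example; database and user names are invented.
SERVERS = {"App-E/East/Acme": {
    "deny": ["*/West/Acme"],
    "databases": {
        "plans.nsf": {"-Default-": "Reader"},
        "hr.nsf": {"-Default-": "Reader", "*/West/Acme": "No Access"},
    },
}}
USERS = ["Ann Lee/West/Acme", "Bo Ray/East/Acme"]

if __name__ == "__main__":
    for finding in leaking_databases(SERVERS, USERS):
        print(finding)
```

Each reported database is one whose ACL needs an entry that restricts the denied users, as hr.nsf does in the sample data.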
If you are running Domino on Windows and are not sure that you can properly maintain database ACLs, you might want to prevent anyone from seeing document summaries by setting the indexing server's NOTES.INI variable to FTG_No_Summary=1.
Note: This example assumes that the indexing server has a certificate that allows access to both App-E/East/Acme and App-W/West/Acme.