HTML Microdata document

This HTML5 document contains 30 embedded RDF statements represented using HTML+Microdata notation.

The embedded RDF content will be recognized by any processor of HTML5 Microdata.

Prefix	Namespace IRI
dcterms	http://purl.org/dc/terms/
atom	http://atomowl.org/ontologies/atomrdf#
foaf	http://xmlns.com/foaf/0.1/
n12	http://vos.openlinksw.com/dataspace/services/wiki/
opl	http://www.openlinksw.com/schema/attribution#
n4	http://vos.openlinksw.com/dataspace/owiki/wiki/VOS/
n18	http://vos.openlinksw.com/dataspace/owiki/wiki/VOS/VirtDefaultSPARQLEndpointSPARULVulnerability/sioc.
n6	http://virtuoso.openlinksw.com/download/
dc	http://purl.org/dc/elements/1.1/
n7	http://vos.openlinksw.com/dataspace/dav#
rdfs	http://www.w3.org/2000/01/rdf-schema#
n13	http://rdfs.org/sioc/services#
sioct	http://rdfs.org/sioc/types#
n10	http://vos.openlinksw.com/dataspace/person/dav#
n2	http://vos.openlinksw.com/dataspace/owiki/wiki/
rdf	http://www.w3.org/1999/02/22-rdf-syntax-ns#
n16	http://vos.openlinksw.com/dataspace/owiki#
xsdh	http://www.w3.org/2001/XMLSchema#
n14	http://vos.openlinksw.com/dataspace/person/owiki#
sioc	http://rdfs.org/sioc/ns#

Subject Item: n10:this
foaf:made: n4:VirtDefaultSPARQLEndpointSPARULVulnerability

Subject Item: n7:this
sioc:creator_of: n4:VirtDefaultSPARQLEndpointSPARULVulnerability

Subject Item: n12:item
n13:services_of: n4:VirtDefaultSPARQLEndpointSPARULVulnerability

Subject Item: n16:this
sioc:creator_of: n4:VirtDefaultSPARQLEndpointSPARULVulnerability

Subject Item: n2:VOS
sioc:container_of: n4:VirtDefaultSPARQLEndpointSPARULVulnerability
atom:entry: n4:VirtDefaultSPARQLEndpointSPARULVulnerability
atom:contains: n4:VirtDefaultSPARQLEndpointSPARULVulnerability

Subject Item: n4:VirtDefaultSPARQLEndpointSPARULVulnerability
rdf:type: atom:Entry sioct:Comment
dcterms:created: 2017-06-13T05:45:53.026671
dcterms:modified: 2017-06-13T05:45:53.026671
rdfs:label: VirtDefaultSPARQLEndpointSPARULVulnerability
foaf:maker: n10:this n14:this
dc:title: VirtDefaultSPARQLEndpointSPARULVulnerability
opl:isDescribedUsing: n18:rdf
sioc:has_creator: n7:this n16:this
sioc:content: ---++ Default SPARQL 1.1 related Endpoint Vulnerability A vulnerability scenario has been discovered in the default <code>/sparql</code> endpoint of prior Virtuoso 7.2 releases, whereby despite defaulting to read-only access (using coarse-grained SQL ROLE based Security) certain SPARQL 1.1 INSERT & DELETE operations are possible, contrary to the perception relayed by the following error message: <verbatim> Virtuoso 42000 Error SR186:SECURITY: No permission to execute procedure DB.DBA.SPARQL_DELETE_DICT_CONTENT with user ID {some-user-id}, group ID {some-sql-role-account-id}. </verbatim> This issue has been resolved in the latest 7.2.4+ (3217+) build releases and available from the [[http://virtuoso.openlinksw.com/download/][Virtuoso Download]] page. For those running earlier releases the following SQL commands immediately secure existing instances, courtesy of Virtuoso's finer-grained Graph Security layer: <verbatim> DB.DBA.RDF_DEFAULT_USER_PERMS_SET ('nobody', 0, 1); -- nobody has no access to private named graphs DB.DBA.RDF_DEFAULT_USER_PERMS_SET ('nobody', 1, 0); -- 'nobody' can only read public named graphs </verbatim> Note this workaround has performance impact and can be disabled following upgrade to the new 7.2.4+ (3217+) binary. If you simply want to secure a specific named graph, you can issue the following: <verbatim> DB.DBA.RDF_GRAPH_GROUP_INS ('http://www.openlinksw.com/schemas/virtrdf#PrivateGraphs','{named-graph-iri}') ; </verbatim>
sioc:id: 41bd525005c62a85368c9eb988b4c9da
sioc:link: n4:VirtDefaultSPARQLEndpointSPARULVulnerability
sioc:has_container: n2:VOS
n13:has_services: n12:item
atom:title: VirtDefaultSPARQLEndpointSPARULVulnerability
sioc:links_to: n6:
atom:source: n2:VOS
atom:author: n10:this
atom:published: 2017-06-13T05:45:53Z
atom:updated: 2017-06-13T05:45:53Z
sioc:topic: n2:VOS