Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.
SECRET//20350112
8.1.11 (U) Effect of Permissions on Mission Assignment
(U) Flytraps execute Missions, and Missions are owned by Operations. After planning a
Mission, a User assigns a Mission to a Flytrap. The User can only assign a Mission to the
Flytrap if the Flytrap is executing a Mission that is owned by an Operation to which the
User has Read-Write access. This prevents a User from potentially “overtaking” a Flytrap
that is currently in use for a different Operation. Figure 4 illustrates the Mission
Assignment logic as it relates to Operation ownership of the Mission.
Figure 4: Operation Ownership and Mission Assignment
(U) Here are some examples:
(U) Flytrap FT1 is executing a Mission owned by Operation C1. User U1 has Read-Write
permissions to Operation C1. Hence, U1 can assign a Mission to FT1.
(U) Flytrap FT2 is executing a Mission owned by Operation C2. User U1 has Read-Only
permissions to Operation C2. Hence, U1 cannot assign a Mission to FT2. A User with
“cwadmin” privileges (see 8.1.2) is required to intervene if U1 needs to assign a Mission
to FT2. Presumably, U1 could jointly plan a Mission with a User that has Read-Write
access to Operation C2, and hence share the Flytrap resource.
(U) Section 9.12 describes the details of Assigning a Mission to a Flytrap via CherryWeb.
42
SECRET//20350112
Does the User
have Read-Write permissions for
that Operation(s)?
Determine what Operation(s)
owns the Mission that the
Flytrap is currently executing
No
Yes
User can
assign Mission
to Flytrap
User cannot
assign
Mission
to Flytrap