
MISP connector potential issues

Open iglocska opened this issue 5 years ago • 3 comments

https://github.com/melicertes/csp/blob/master/csp-apps/misp/misp-adapter-emitter/src/main/java/com/intrasoft/csp/misp/service/impl/MispTcSyncServiceImpl.java#L164

This is extremely worrying. Organisations that are not in the list of melicertes teams are absolutely normal and should not be flagged in any way. The comment that deletion is not an option for now is concerning - it shows a misunderstanding of what an organisation is in MISP and the purpose of having them.

  1. You cannot have sharing groups without having the organisation objects on your instance for anyone you want to share with. Meaning if orgx is not in the melicertes team list, I need to have it known for my instance to include them in any sharing.
  2. Organisation objects are shared automatically. Unless we want to restrict the pulling of any feeds in MISP format, fetching from any other non-melicertes MISP instances, pushing any non-melicertes team created data to MISP, we will get those organisation objects on our instance.
  3. Many CERTs operate MISP instances that are interconnected with other organisations. Sharing Groups handle the distribution of data that is not meant for all participants of an instance, but without giving access to other organisations, synchronisation is not feasible. This means that any interconnections with other organisations would be flagged as orphaned organisations.

iglocska, May 16 '19 14:05