incubator-jspwiki-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Janne Jalkanen <janne.jalka...@ecyrd.com>
Subject Re: JSPWIKI-502 : security issue or not ?
Date Mon, 16 Feb 2009 18:29:17 GMT

As I mentioned, this is something which was discussed many years ago.   
So I do believe that this is a security issue to quite a few people.   
ATM we have a single request for this feature; but the note below  
suggests that many people consider this functionality to be a problem.


2006-05-06  Janne Jalkanen <jalkanen@ecyrd.com>

         * 2.4.4

<snip>

         * Added search results filtering based on permissions,
         i.e. you no longer see pages to which you have no
         access to.  Requested by many people.

On 16 Feb 2009, at 19:26, Harry Metske wrote:

> Devs, especially Andrew,
>
> I would like your opinion on
> https://issues.apache.org/jira/browse/JSPWIKI-502
>
> When (Lucene)searching the wiki should we tell you that a page  
> contains the
> search word while you are not authorized to view the page ?
>
> regards,
> Harry


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message