Foswiki on GitHub is open for business! Next release meeting: Monday September 15, 1300Z

Item1485: _default web permissions are wrong

Priority: CurrentState: AppliesTo: Component: WaitingFor:
Urgent Closed Engine    
When a new web is created, the permissions are automatically rewritten to allow the creating user edit access to the preferences. Despite this, the _default web still has open access, making it a prime target for a spammer.

Close the permissions in the _default web down. Only the web creator has access.

_empty web too.

-- CrawfordCurrie - 21 Apr 2009

I assume this will close the original issue raised in Tasks.Item1415. (I am still interested in hearing comments on my suggestion about enhancing the web creation process; it would close a gap between web creation and setting access controls.)

-- IsaacLin - 21 Apr 2009

Yes; see my remark in that item.

-- CrawfordCurrie - 23 Apr 2009

ItemTemplate edit

Summary _default web permissions are wrong
ReportedBy CrawfordCurrie
Codebase
SVN Range SVN 3596: Foswiki-1.1.0-dev, Sat, 18 Apr 2009, build 3507
AppliesTo Engine
Component
Priority Urgent
CurrentState Closed
WaitingFor
Checkins Foswikirev:3598 Foswikirev:3599 Foswikirev:3634 Foswikirev:3635
TargetRelease patch
ReleasedIn 1.0.5
Topic revision: r6 - 25 Apr 2009, KennethLavrsen
 
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. see CopyrightStatement. Creative Commons License