Modify

Ticket #1266 (closed enhancement: fixed)

Opened 11 months ago

Last modified 11 months ago

Default public access level is dangerous

Reported by: pavlos256@… Owned by: dark
Priority: critical Milestone: LiquidFeedback Frontend 2.0.1
Component: Frontend Version: 2.0 beta
Keywords: Cc:

Description

The default public access level on the new configuration files is "full".

This is dangerous because a simple and easy to miss misconfiguration can expose sensitive data and ruin an active installation.

The default should be the safest available: false.

Attachments

Change History

comment:1 Changed 11 months ago by dark

  • Status changed from new to accepted

comment:2 Changed 11 months ago by dark

  • Milestone set to LiquidFeedback Frontend 2.0.1

comment:3 Changed 11 months ago by dark

  • Status changed from accepted to closed
  • Resolution set to fixed

The default has been made failsafe.

Patch:  http://www.public-software-group.org/mercurial/liquid_feedback_frontend.devel/rev/652c318560f8

View

Add a comment

Modify Ticket

Action
as closed
The resolution will be deleted. Next status will be 'reopened'
Author


E-mail address and user name can be saved in the Preferences.

Attachments
 
Note: See TracTickets for help on using tickets.