Your message dated Tue, 30 Dec 2008 01:15:36 +0100
with message-id <[email protected]>
and subject line Not really a bug and never discussed further
has caused the Debian Bug report #379111,
regarding moinmoin-common: RecentChanges leaks information when using ACLs.
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
379111: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=379111
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: moinmoin-common
Version: 1.3.4-3
Severity: important
I use moinmoin as a CMS for a website. As such, I have certain pages
with ACLs attached, so that they are not visible; e.g.
#acl AuthorsName:read.write,revert All:
Typcially I have a sub-page included to another page to pull in a link
to these. This works well, so no-one can see my new page
TopSecretNewContract, or access it directly via an URL.
However RecentChanges lists the new pages, and comments, and who is
working on them, thus leaking information.
-- System Information:
Debian Release: 3.1
Architecture: powerpc (ppc)
Kernel: Linux 2.6.8-powerpc
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
-- no debconf information
--- End Message ---
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
This seems not really a bug but a misunderstanding, and haven't been
discussed further for several years, so closing now.
Please, if someone disagree and want to keep it open, just say so, and I
will reopen (but probably then tag it as wontfix).
- Jonas
- --
* Jonas Smedegaard - idealist og Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ] ask before reusing [ ] keep private
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEUEARECAAYFAklZaCgACgkQn7DbMsAkQLhbUgCfYdgdvtohuURKLGSnLQT38Jl3
AuYAkwQKfd1Ods5kO4Xe2A4L4kOEoHY=
=hULN
-----END PGP SIGNATURE-----
--- End Message ---
