[ZCM] [ZC] 1768/ 2 Reject "unpublished pages viewable"
Collector: Zope Bugs, Features,
and Patches ...
zope-coders-admin at zope.org
Thu May 5 06:16:04 EDT 2005
Issue #1768 Update (Reject) "unpublished pages viewable"
** Security Related ** (Public)
Status Rejected, Zope/bug medium
To followup, visit:
http://www.zope.org/Collectors/Zope/1768
==============================================================
= Reject - Entry #2 by ajung on May 5, 2005 6:16 am
Status: Pending => Rejected
dupe of #1767
________________________________________
= Request - Entry #1 by beatboxa on Apr 30, 2005 1:06 am
I'm new to Zope.
My friend was showing me the security features.
I created a webpage in my home folder, and submitted it for publishing.
It's status was "pending".
In another browser called "Safari" which was not logged in to the zope portal,
I was able to do a search for my username, and click on a link to my homepage, even though it was unpublished.
I believe unpublished items should not be available for viewing to the public.
regards,
Rhys W.
==============================================================
More information about the Zope-Collector-Monitor
mailing list