Jira Data Center / JRASERVER-14748

Project Keys visible under History for disallowed projects when using Reporter (show only projects with create permission)


    • Type: Bug
    • Resolution: Duplicate
    • Priority: High
    • None
    • 3.12.2
    • Issue - Actions
    • Debian

      I have enabled the reportercreate permission in permission-types.xml and created a permission scheme that uses it correctly. My restricted user cannot view the project in question on the browse projects page, the issue navigator, or other pages where it normally would show up, which leads me to believe I have configured this correctly. I have an issue from the disallowed project linked to an issue from the allowed project. When my restricted user views the allowed project, he cannot see the issue link on the main view issue page, but if he clicks on "Change History," he can see the history entry where the issue was linked to the issue he should not be able to see. This is extremely critical for us, as we have projects for each of our OEM customers. It is imperative that we keep their identities hidden from each other – even the product keys being visible is a great security breach.

      In the attachments, the two project keys look the same since I have whited out the company names, but the project key that represents the linked issue in the change history belongs to a different project that the user "joeuser", who is logged in, should not be able to view, and cannot view anywhere except on this page.

            Assignee: Unassigned
            Reporter: Erin Spiceland