Confluence adminsistrators can still view a restricted page if the type in the URL or click on a link in an email

XMLWordPrintable

    • Type: Bug
    • Resolution: Not a bug
    • Priority: Medium
    • None
    • Affects Version/s: 2.9.2
    • Component/s: None
    • Environment:

      Standalone - Linux 2.6.18-92.el5PAE
      Application server - Apache Tomcat/5.5.23

      If I set page viewing restrictions on a wki page (to one group of which I am a member), other users, including confluence adminsistrators, cannot see the page when navigating within the application. If they type in the URL of the restricted page or click on a link to the restricted page, then can view (but not edit) the page. As the page in question contains sensitive information, including production passwords etc, it is a breach of security to allow users outside the group to view the page.

      Is there any way I can restrict viewing of this page so that the above scenarios do not result in all confluence administators being able to view the page if they know the URL?

      Regards

      Nicholas

              Assignee:
              Unassigned
              Reporter:
              Nicholas Bignell
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Created:
                Updated:
                Resolved: