stefan.hansel@tolina.com The default space permissions apply equally to personal spaces and global spaces - as long as the space is not set to private when it's created. Since Confluence 4.2, new personal spaces default to being world writable, just like a global space. With the addition of this feature, that default now means whatever was configured in the default space permissions admin screen.

Does this also apply to personal spaces?
Due to Confluences lacking LDAP-support for Lotus Domino we are not able to auto-populate the confluence-users group.
Which in turn means that right now new created personal spaces don't give read-access to anyone but the author which confuses pretty much everyone.

With this feature I hope that we can configure default-permissions also upon creation of personal spaces?

FYI: I attended this year's Atlassian Unite in Frankfurt, Germany, and went to the Birds of a Feather session with Matt Hodges, the Confluence product marketing manager. We were around ten people, most of which were concerned with enterprise features like this one (with regard to this issue in particular, I made the experience you can't even use the API to track and enforce space permissions via a batch job, since the API is not granular enough). In any event, Matt explained that they are trying to identify themes in which they can group features, like they have done for usability with Confluence 4.x, in order to focus development (but to the detriment of other features). In any event, Enterprise readiness can be seen as one of those themes, and they are aware of the fact that there is a lot to improve in this area. I don't know when it will be there but my impression is that Atlassian is listening. My 2 cents.

What is up with that Atlassian? (In reference to Royce Wong's comment)
Is Atlassian working to alienate those users who are not moving to their cloud-based service?

This affects ALL our users, as not many of them have created personal spaces before we upgraded. 400+. Just saying, it does affect a lot of users.

+1
I hate all those popular requests, open since many years and still untouched by atlassian. This is one of them, causing pain in enterprise setups!

Hmmm... setting default permissions is not available in "regular" Confluence but available in JIRA Studio?
http://confluence.atlassian.com/display/JIRASTUDIO/Configuring+Default+Space+Permissions

Exactly as Nils Hofmeister described. We now have external users as well, and this has become a huge security problem for us, as it's too easy for someone setting up a space to 'reveal' that space to all other users without realising what they've done.

Please prioritise this issue.

Same issue for me as Arian described it: we got internal and external users. As a default internals may view everything while externals shall be restrictedx to certain spaces explicitly.

This means if I could configure that group X shall get default rights instead of confluence-users, this would eliminate all the pain I will definitely have in the next months explaining users how to configure space permissions and fixing errors. This is also a severe security issue - we need to rely on people doing things right instead of solving this problem programatically. Awkward.

Similar approach here Mark, but we wrote a simple Java based client that uses confluence's API to create the space, as well as some default pages and gadgets.

We have this java app as the final stage in an approval work flow so users can request new spaces without actually creating them.