1.42, mysql, tomcat.
spaces create before upgrade to 1.4
I created a page in my personal space which has permissions set so that only I can view.
No anonymous permissions set.
Menu needs to be
Permissions set to Space default
Checkbox to override permissions, which would activate the permissions menu, and let the user set the permissions.
I've always noticed that when creating a page, that open permissions were set, but thought that space permissions would be enforced.
I created a page. Then logged in as the administrative users (if you use root all the time, you'll never know what problems users are having ). I then when to the dashboard, and noticed that my page was in the recently updated. How could this be, I set up the space with permissions so that only i could view it.
I logged out, and logged in as myself, and reset the permissions to myself only, and
Then I thought, oh crap (to put it lightly). All those pages we've created since the 1.4 upgrade have open permissions, and anyone can read them. That is really not a good thing to find out on saturday morning.
(explicative) I need to file two issues, one fix the interface, one make a space permissions fixer.
- is caused by
CONFSERVER-4616 Remove/rework special privileges of confluence-administrators ("superuser") group
- Gathering Interest