Hi, I have seen one other reference in the mailing list regarding a security hole, but I want to clarify this issue. The following url is displayed on the address bar:
http://localhost:8080/portal/media-type/html/user/bstraw001/page/default.psml/js_pane/P-f2c3135036-10001 This url design was not present in version 1.3a2. By substituting the userid with another valid userid, I can see the other user's content. Any thoughts? Mitigating controls? Missed configuration? __________________________________________________________________ The NEW Netscape 7.0 browser is now available. Upgrade now! http://channels.netscape.com/ns/browsers/download.jsp Get your own FREE, personal Netscape Mail account today at http://webmail.netscape.com/ -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
