Re: Issue 1760 in reviewboard: Security issue: media folder is opened for file browsing
Updates: Status: NotABug Comment #1 on issue 1760 by chipx86: Security issue: media folder is opened for file browsing http://code.google.com/p/reviewboard/issues/detail?id=1760 These are all public files, and the browser needs access to them. Offering file browsing isn't a problem. If there were any private files in here, I'd agree, but I'm not sure what about this is a security problem. If an administrator wants to turn off file browsing, that's easy to do in their install, but isn't a Review Board issue. -- You received this message because you are subscribed to the Google Groups "reviewboard-issues" group. To post to this group, send email to reviewboard-iss...@googlegroups.com. To unsubscribe from this group, send email to reviewboard-issues+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/reviewboard-issues?hl=en.
Issue 1760 in reviewboard: Security issue: media folder is opened for file browsing
Status: New Owner: Labels: Type-Defect Priority-Medium New issue 1760 by yerges: Security issue: media folder is opened for file browsing http://code.google.com/p/reviewboard/issues/detail?id=1760 *NOTE: Do not post confidential information in this bug report.* What version are you running? 1.5 RC1 What's the URL of the page containing the problem? http://demo.reviewboard.org/media/ What steps will reproduce the problem? 1. Click http://demo.reviewboard.org/media/ 2. View file information which is usually secure What is the expected output? What do you see instead? EXPECTED: redirect to main page or HTTP Error 401 Unauthorized What operating system are you using? What browser? generic Please provide any additional information below. -- You received this message because you are subscribed to the Google Groups "reviewboard-issues" group. To post to this group, send email to reviewboard-iss...@googlegroups.com. To unsubscribe from this group, send email to reviewboard-issues+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/reviewboard-issues?hl=en.
