Question
We have a number of webs on a single server. The problem is that some of these are limited to a certain set of people (yes, I know that's against Wiki philosophy but sometimes there are business reasons).
Since the delete topic function from all the webs uses the same Trash web, anyone can browse it and get to sensitive information. The question is how to close this security breach? Any suggestions?
--
PankajPant - 13 Oct 2005
Answer
Simple solution: Lock down the Trash web by setting ALLOWTOPICVIEW to the TWikiAdminGroup (in Trash.WebPreferences)
--
PeterThoeny - 13 Oct 2005
Did you mean ALLOWWEBVIEW?
And would that still let people continue to delete topics? It would be OK for only the admins to be able to "undelete".
Thanks.
--
PankajPant - 13 Oct 2005
Sorry, yes, ALLOWWEBVIEW.
Yes to the second question.
--
PeterThoeny - 13 Oct 2005
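The change described in the answer above, written out as an added illustration (not part of the original thread); it assumes the standard Main.TWikiAdminGroup and leaves the web's other access settings untouched so ordinary users can still move topics into Trash:

```text
Before (Trash.WebPreferences as shipped: no view restriction, so anyone can browse deleted topics):
   * Set ALLOWWEBVIEW =

After (only members of the admin group can read the Trash web):
   * Set ALLOWWEBVIEW = Main.TWikiAdminGroup
```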
This doesn't work. The text of the topic after the move gets replaced by "No permission to read topic Trash.Topic - perhaps you need to log in?".
I tracked it down to Store::renameTopic, which calls Store::readTopicRaw in order to modify the "moved" metadata. However, since the user does not have permissions to view the topic, the above text gets returned.
--
PankajPant - 24 Oct 2005
This is fixed in the DakarRelease.
--
PeterThoeny - 14 Nov 2005