Tracker: Bugs
When a visitor (someone who's not logged in) clicks to
download a document and then leaves the page, they
are automatically logged in as 'nobody.'
'Nobody' now has the right to add people, change
information, upload and delete documents and images,
and is even given the option to change password
(although not sure what the system considers the
current password to be).
Of course, they do not have the option to admin, it's
just as if I had created a user called nobody. When
logged in as 'nobody' if I try to access admin.php, I get
the forbidden error, and then am logged back out
completely when returning to the page I was just at.
I am using version 1.3.0.
Simon Booth
Security
v1.3.0
Public
Comments ( 3 )
|
Date: 2004-06-19 20:22 Logged In: YES |
|
Date: 2004-06-16 16:45 Logged In: YES |
|
Date: 2004-06-16 16:37 Logged In: YES |
Log in to comment.
Attached File
No Files Currently Attached
Changes ( 6 )
| Field | Old Value | Date | By |
|---|---|---|---|
| status_id | Open | 2004-06-19 20:22 | simesb |
| close_date | - | 2004-06-19 20:22 | simesb |
| category_id | None | 2004-06-16 16:29 | simesb |
| artifact_group_id | None | 2004-06-16 16:29 | simesb |
| priority | 5 | 2004-06-16 16:29 | simesb |
| assigned_to | nobody | 2004-06-16 16:29 | simesb |
About SourceForge
Develop Software
Community
Copyright © 2010 Geeknet, Inc. All rights reserved. Terms of Use
