From: Damian P. <da...@da...> - 2005-11-02 08:53:18
|
On Tue, Nov 01, 2005 at 07:10:07PM -0200, Luis Henrique Fagundes wrote: > The last commit message 1 day before release said "Please TEST IT with > categorized objects and users perms". If one client of that company > sees a forbidden object in a search, someone is likely to lose the job > there. Has anyone tested it? Personally if any tiki site I have holds that kind of sensitive data I never even today turn on the search feature. Its too risky. I already showed Jason (coop tools) I could read his prostive clients pages that were "secured" just by typing junk into the search box. :( Damian Parker Damosoft http://www.damosoft.co.uk |