request #8736 Possible information leak with SVN permissions on manually defined group is not explicit enough

Artifact

Infos

Artifact ID#8736

Submitted byThomas Gerbet (tgerbet)

Last Modified On2015-12-30 16:17

Submitted on2015-12-30 14:25

Rank8853

Details

Summary *

Possible information leak with SVN permissions on manually defined group is not explicit enough

Original Submission

It is not explicit enough that defining SVN permissions on a manually defined group or a specific user could security issues.
It should be more explicit for an administrator that he must be careful when he edits the SVNAccessFile.

CategorySCM/Subversion

Reported in versionAll

PlatformEmpty

Is an Enhancement or an internal improvement?

[ ] enhancement
[ ] internal improvement

CC listEmpty

Stage

Assigned toThomas Gerbet (tgerbet)

StatusClosed

Close date2015-12-30

Attachments

Connected artifacts

Artifact links

Empty

Reverse artifact links

Releases

AttachmentsEmpty

References

Cross references

Referencing request #8736

Artifact Tracker v5

rel #8596 8.10

Git commit

tuleap/tuleap/stable

Merge commit 'refs/changes/23/4923/2' of ssh://gerrit.tuleap.net:29418/tuleap into HEAD d3de1a9012

Yannis ROSSETTO (rossettoy) , 2015-12-30 16:13

request #8736: Add an explicit message concerning possible information leak 61a764d5ed

Thomas Gerbet (tgerbet) , 2015-12-30 16:04

Show items referenced by request #8736

Referenced by request #8736

Other

gerrit #4923

Follow-ups

Yannis ROSSETTO (rossettoy)

2015-12-30 16:17

Merged in Tuleap 8.9.99.58

Status changed from Under review to Closed
Close date set to 2015-12-30

Thomas Gerbet (tgerbet)

2015-12-30 14:35

A patch is under review: gerrit #4923.

Status changed from Under implementation to Under review

Public