13 Feb
2012
13 Feb
'12
11:08 p.m.
--
Ricardo Rodríguez
Research Management and Promotion Technician
Health Research Institute of Santiago de Compostela (IDIS)
http://www.idisantiago.es
________________________________________
From: users-bounces(a)xwiki.org [users-bounces(a)xwiki.org] On Behalf Of Vincent Massol
[vincent(a)massol.net]
Sent: 13 February 2012 18:09
To: XWiki Users
Subject: Re: [xwiki-users] security breach?
On Feb 13, 2012, at 5:47 PM, <Ricardo.Julio.Rodriguez.Fernandez(a)sergas.es>
<Ricardo.Julio.Rodriguez.Fernandez(a)sergas.es> wrote:
Hi!
Under certain circunstances I'm not able to identify, even though a given I've no
access to a given XWiki page, it is possible to access/download their attached files
provided you know their URLs.
Please, could you figure out why this could happen? Thanks!
> Can you reproduce it? And if so, can we get access
to a page showing the symptom or could you tell us how to reproduce?
>
> Without more details it's going to be hard to figure out.
>
> Thanks
> -Vincent
Hi, Vincent,
No, I've not been able to reproduce it yet. The issue arose sometime ago when an user
claims that a paper of him, ready to be published by a first line magazine, appears
indexed by Google even though it was theoretically protected within a XWiki installation.
Please, check this:
http://atrium_km.idisantiago.es/bin/Project/Transcan2012 - you must be required to
identify
http://atrium_km.idisantiago.es/bin/download/Project/Transcan2012/S28BW.num… - at
least from my browsers here, this image is freely accessible... some cache related issue?
http://atrium_km.idisantiago.es/bin/download/Project/Transcan2012/idisMotto… - you are
required to identiy; this file is attached to the same page!
Vincent, do you remember your account at EPEC Network? Atrium_KM is now the controller of
the whole farm. I've chaged eBioTIC. look and feel to fit the image requirements of
this new initiative. I do hope I'll be able to get it bak ASAP! I've created a new
account for you there and I'm sending you a new password.
Thanks!
Ricardo
This is causing me some serious problems here. Running
XWiki Enterprise 2.4.30451.
Greetings!
Ricardo
--
Ricardo Rodríguez
Research Management and Promotion Technician
Health Research Institute of Santiago de Compostela (IDIS)
http://www.idisantiago.es
Nota: A información contida nesta mensaxe e os seus posibles documentos adxuntos é
privada e confidencial e está dirixida únicamente ó seu destinatario/a. Se vostede non é
o/a destinatario/a orixinal desta mensaxe, por favor elimínea. A distribución ou copia
desta mensaxe non está autorizada.
Nota: La información contenida en este mensaje y sus posibles documentos adjuntos es
privada y confidencial y está dirigida únicamente a su destinatario/a. Si usted no es
el/la destinatario/a original de este mensaje, por favor elimínelo. La distribución o
copia de este mensaje no está autorizada.
See more languages: http://www.sergas.es/aviso_confidencialidad.htm
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
Nota: A información contida nesta mensaxe e os seus posibles documentos adxuntos é privada
e confidencial e está dirixida únicamente ó seu destinatario/a. Se vostede non é o/a
destinatario/a orixinal desta mensaxe, por favor elimínea. A distribución ou copia desta
mensaxe non está autorizada.
Nota: La información contenida en este mensaje y sus posibles documentos adjuntos es
privada y confidencial y está dirigida únicamente a su destinatario/a. Si usted no es
el/la destinatario/a original de este mensaje, por favor elimínelo. La distribución o
copia de este mensaje no está autorizada.
See more languages: http://www.sergas.es/aviso_confidencialidad.htm