[Rt-devel] Security concern for RT 3.3/3.4 CF access controls.

Todd Chapman rt at chaka.net
Thu Dec 2 14:15:24 EST 2004

Previous message: [Rt-devel] Bug in RT3.0.11 RT::Ticket::SetStatus
Next message: [Rt-devel] Security concern for RT 3.3/3.4 CF access controls.
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

If a user of RT 3.3/3.4 is not allowed to see the value
of certain custom fields, what keeps them from seeing
the value being set in the ticket history. Is a rights
check done for each transaction?

And yes, I'm too busy at the moment to look at the code
myself. :)

BTW, Asset Tracker v0.1alpha is coming along nicely!

-Todd

Previous message: [Rt-devel] Bug in RT3.0.11 RT::Ticket::SetStatus
Next message: [Rt-devel] Security concern for RT 3.3/3.4 CF access controls.
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Rt-devel mailing list