[Rt-devel] RT 3.6.0rc2

Jesse Vincent jesse at bestpractical.com
Mon May 15 13:56:00 EDT 2006

> Jesse,
> I get the impression that some people think checking ACLs on the
> second ticket is a new behavior. It isn't. That's the way things
> have been for a long time. A security change like this is
> dangerous. It should be a config file option, not a change in the
> default security policy.

My profound apologies. The nature of the reports confused me. It seemed
fairly clear from the reports that the permission check on the second
ticket was a new behaviour.  It'll be reverted and get a bit more study.

> What has changed is the creation of the transaction in the
> second ticket. If there are problems associated with that
> then a different soltion should be found.
> -Todd


More information about the Rt-devel mailing list