You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Please modify ShareByMailProvider.php to ignore 'permissions' for new shares but use PERMISSION_READ by default (method "createMailShare"), or add a configuration option to define a umask for new permissions.
The current behaviour is really unexpected (and possible dangerous) for users that are accustomed with other file sharing services like Dropbox or Google Drive. With this simple change the user would still be able to grant edit permission explicitly.
Steps to reproduce
Create a new "share by mail"
Expected behaviour
The recipient can download the shared content, but is not able to modify it.
Actual behaviour
If the user doesn't pay attention the recipient is able to misuse the shared file or directory.
Server configuration
Doesn't matter.
The text was updated successfully, but these errors were encountered:
Cybso
changed the title
sharebymail
Change default permissions on sharebymail
Feb 6, 2018
Cybso
pushed a commit
to Cybso/server
that referenced
this issue
Feb 6, 2018
Please modify ShareByMailProvider.php to ignore 'permissions' for new shares but use PERMISSION_READ by default (method "createMailShare"), or add a configuration option to define a umask for new permissions.
The current behaviour is really unexpected (and possible dangerous) for users that are accustomed with other file sharing services like Dropbox or Google Drive. With this simple change the user would still be able to grant edit permission explicitly.
Steps to reproduce
Expected behaviour
The recipient can download the shared content, but is not able to modify it.
Actual behaviour
If the user doesn't pay attention the recipient is able to misuse the shared file or directory.
Server configuration
Doesn't matter.
The text was updated successfully, but these errors were encountered: