Make it harder (impossible?) to hijack a dist #82

merged 5 commits into from Mar 13, 2014


None yet
3 participants

rjbs commented Mar 13, 2014

Right now, there are several cases where a user can get first-come on a dist where (a) the user has no permission and (b) other users do have some permissions.

This plugs that hole.

@andk andk merged commit d3e76f3 into andk:master Mar 13, 2014

@rjbs rjbs deleted the rjbs:critical-security branch Mar 13, 2014


This comment has been minimized.

Show comment
Hide comment
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment