Make it harder (impossible?) to hijack a dist #82

Merged
merged 5 commits into from Mar 13, 2014

Conversation

Projects
None yet
3 participants
@rjbs
Collaborator

rjbs commented Mar 13, 2014

Right now, there are several cases where a user can get first-come on a dist where (a) the user has no permission and (b) other users do have some permissions.

This plugs that hole.

@andk andk merged commit d3e76f3 into andk:master Mar 13, 2014

@rjbs rjbs deleted the rjbs:critical-security branch Mar 13, 2014

@karenetheridge

This comment has been minimized.

Show comment
Hide comment
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment