[Fiware-support] private documents visible

Juanjo Hierro jhierro at tid.es
Sun Sep 25 23:16:51 CEST 2011


Hi,

  I have taken a look at this issue.

  Apparently, the access to the documents you mention is restricted. Maybe you were clicking on the links above and it worked because you had logged previously to FusionForge and the session was still open. I tested the access myself for the first document (Cumulocity NSN), first without being logged in FusionForge and second once I had logged in. The document was only accessible when I was logged in. Without being logged in FusionForge, a "Permission denied" message is returned.

  What is an error and should be fixed is the fact that the private documents are indexed by the Google crawlers (although at the end of the day, they remain inaccessible). This is an issue we should fix. However, let me make the point that no private document has become publicly accessible, which is what really matters.

  Best regards,

Juanjo Hierro
Chief Technologist on Software Technologies
Telefonica R&D Labs

email: jhierro at tid.es
phone: +34 91 48 32932
http://www.tid.es
twitter.com/JuanjoHierro

Oeste 1, Planta 5. Distrito C
Ronda de la Comunicacion s/n
Madrid 28050
Spain

On 23/09/11 15:07, Bisztray, Denes (NSN - HU/Budapest) wrote:

Hi,

   The supposedly private documents are still reachable from outside. If you search google for keywords from the docs, it finds them and gives you the link. I believe this is a SERIOUS security problem, please resolve it ASAP.

Evidence:

1. Search for Cumulocity NSN:

http://www.google.fi/#sclient=psy-ab&hl=hu&source=hp&q=Cumulocity+NSN&pbx=1&oq=Cumulocity+NSN&aq=f&aqi=&aql=1&gs_sm=e&gs_upl=4279l4899l2l5159l4l3l0l0l0l0l224l428l2-2l3l0&bav=on.2,or.r_gc.r_pw.&fp=9a24604d477dfd8&biw=1373&bih=728

The third from the bottom is the PRIVATE supposedly not visible Architecture document.

2. Trying it with IDAS Telefónica it's even worse:

http://www.google.fi/#sclient=psy-ab&hl=hu&source=hp&q=IDAS+Telef%C3%B3nica&pbx=1&oq=IDAS+Telef%C3%B3nica&aq=f&aqi=&aql=1&gs_sm=e&gs_upl=49626l52101l0l52294l15l12l0l0l0l0l303l2660l0.1.9.1l11l0&bav=on.2,or.r_gc.r_pw.&fp=9a24604d477dfd8&biw=1373&bih=728

  It's the third from the top.

Best,

Dénes Bisztray

________________________________
This message is addressed exclusively to its recipient. You can consult our policy on sending and receiving e-mail at the link below.
This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at.
http://www.tid.es/ES/PAGINAS/disclaimer.aspx
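The thread above draws a distinction that is easy to lose: a document can be correctly access-controlled (anonymous requests get "Permission denied") and still be indexed by a search engine, because access control and indexing control are separate mechanisms. The following is an added example, not code from the FI-WARE project, FusionForge, or either poster. It audits one document URL on two axes: does an unauthenticated fetch really get an HTTP 401/403 (a 200 page whose body merely says "Permission denied" is indexed like any other page), and does either robots.txt or an X-Robots-Tag header tell crawlers to stay out. The hostname, the "/docman/" path and the robots.txt content are constructed placeholders, not FusionForge's real configuration.

```python
"""Audit whether a 'private' document is both access-controlled and kept
out of search indexes.  Added example; not code from the FI-WARE project,
FusionForge or the mailing-list posters.  Hostnames, paths and the robots.txt
below are constructed placeholders."""
import urllib.error
import urllib.request
import urllib.robotparser
from typing import Dict, List, Tuple

# Constructed robots.txt as a site might serve it.  "/docman/" is a
# placeholder for a document-manager path, not FusionForge's real one.
SAMPLE_ROBOTS_TXT = """\
User-agent: *
Disallow: /docman/
Allow: /
"""

# Placeholder document URL (constructed; forge.example.org does not exist).
SAMPLE_DOC_URL = "https://forge.example.org/docman/view.php/1/2/architecture.pdf"


def crawler_may_index(robots_txt: str, url: str, agent: str = "Googlebot") -> bool:
    """True if robots.txt lets the named crawler fetch (and hence index) url.
    An empty robots.txt allows everything."""
    rp = urllib.robotparser.RobotFileParser()
    rp.parse(robots_txt.splitlines())
    return rp.can_fetch(agent, url)


def has_noindex(headers: Dict[str, str]) -> bool:
    """True if the response carries an X-Robots-Tag directive containing 'noindex'."""
    value = next((v for k, v in headers.items() if k.lower() == "x-robots-tag"), "")
    return "noindex" in value.lower()


def audit_document(url: str, status: int, headers: Dict[str, str],
                   body: str, robots_txt: str) -> List[str]:
    """Classify one *unauthenticated* fetch of a supposedly private document.

    Returns a list of finding codes; an empty list means anonymous access is
    denied with a real 401/403 AND crawlers are told not to index the URL.
    """
    findings: List[str] = []
    if status == 200:
        if "permission denied" in body.lower():
            # Body says "denied" but the status is 200: crawlers treat this as
            # an ordinary page and index the URL (the pattern in the thread).
            findings.append("SOFT_DENIAL")
        else:
            findings.append("PUBLIC")
    elif status not in (401, 403):
        findings.append("UNEXPECTED_STATUS")
    if crawler_may_index(robots_txt, url) and not has_noindex(headers):
        # Neither robots.txt nor X-Robots-Tag keeps crawlers away.
        findings.append("INDEXABLE")
    return findings


def fetch_anonymous(url: str, timeout: int = 10) -> Tuple[int, Dict[str, str], str]:
    """Fetch url with no cookies or credentials and return (status, headers, body).
    HTTP errors are returned as data rather than raised, so 403 pages can be audited."""
    req = urllib.request.Request(url, headers={"User-Agent": "doc-audit/0.1"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status, dict(resp.headers), resp.read(4096).decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        return err.code, dict(err.headers), err.read(4096).decode("utf-8", "replace")


if __name__ == "__main__":
    # Constructed responses standing in for what fetch_anonymous() would return.
    cases = [
        ("real 403, robots blocks path", 403, {}, "Permission denied", SAMPLE_ROBOTS_TXT),
        ("real 403, no robots.txt",      403, {}, "Permission denied", ""),
        ("200 with denial text",         200, {}, "<html>Permission denied</html>", ""),
        ("200 body, noindex header",     200, {"X-Robots-Tag": "noindex, nofollow"},
                                         "%PDF-1.4 ...", ""),
    ]
    for name, status, headers, body, robots in cases:
        print(f"{name:32s} -> {audit_document(SAMPLE_DOC_URL, status, headers, body, robots)}")
```

Run against a live site, replace the constructed cases with `audit_document(url, *fetch_anonymous(url), robots_txt)` where `robots_txt` is the text of the site's own `/robots.txt`. Two caveats worth keeping in mind when reading the output: a robots.txt `Disallow` stops crawlers fetching the document body, but a search engine may still list a URL it learned from links elsewhere, so an `X-Robots-Tag: noindex` on the denial response is the more complete fix; and `noindex` only works if the crawler is allowed to fetch the response that carries it, so the two controls are complementary rather than interchangeable.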

