I'm taking a look at this. At first sight it seems only allowed people have permission to get the file. On 23 September 2011 15:09, Farkas, Lorant (NSN - HU/Budapest) <lorant.farkas at nsn.com> wrote: > > > ______________________________________________ > From: Bisztray, Denes (NSN - HU/Budapest) > Sent: Friday, September 23, 2011 3:07 PM > To: fiware-support at lists.fi-ware.eu > Cc: Farkas, Lorant (NSN - HU/Budapest) > Subject: private documents visible > > Hi, > > The supposedly private documents are still reachable from outside. If you > search google for keywords from the docs, it finds them and gives you the > link. I believe this is a SERIOUS security problem, please resolve it ASAP. > > Evidence: > > Search for Cumulocity NSN: > > http://www.google.fi/#sclient=psy-ab&hl=hu&source=hp&q=Cumulocity+NSN&pbx=1&oq=Cumulocity+NSN&aq=f&aqi=&aql=1&gs_sm=e&gs_upl=4279l4899l2l5159l4l3l0l0l0l0l224l428l2-2l3l0&bav=on.2,or.r_gc.r_pw.&fp=9a24604d477dfd8&biw=1373&bih=728 > > The third from the bottom is the PRIVATE supposedly not visible Architecture > document. > > 2. Trying it with IDAS Telefónica its even worse: > > http://www.google.fi/#sclient=psy-ab&hl=hu&source=hp&q=IDAS+Telef%C3%B3nica&pbx=1&oq=IDAS+Telef%C3%B3nica&aq=f&aqi=&aql=1&gs_sm=e&gs_upl=49626l52101l0l52294l15l12l0l0l0l0l303l2660l0.1.9.1l11l0&bav=on.2,or.r_gc.r_pw.&fp=9a24604d477dfd8&biw=1373&bih=728 > > It’s the third from the top. > > Best, > Dénes Bisztray > > _______________________________________________ > Fiware-support mailing list > Fiware-support at lists.fi-ware.eu > http://lists.fi-ware.eu/listinfo/fiware-support > >
You can get more information about our cookies and privacy policies clicking on the following links: Privacy policy Cookies policy