Issue #6309 resolved

default security on repo allows push from random user?

Chris Lee-Messer
created an issue

Hello, most likely I have something configured incorrectly but I was supprised when someone was able to push directly to the repo that I maintain.

Here is our discussion.

https://bitbucket.org/cleemesser/django-wsgiserver/issue/4/mediahandler-security-of-paths

Comments (5)

  1. Brian Nguyen staff

    Hi,

    I tried this out on my own public repository and I was unable to reproduce this scenario. A user should only be able to push to a repo if they have write access.

    Could you please contact support@bitbucket.org. We will try and solve you issue from there.

    Cheers, Brian

  2. Log in to comment