Issue #6309 resolved

default security on repo allows push from random user?

Christopher Lee-Messer created an issue 2013-02-10

Hello, most likely I have something configured incorrectly but I was supprised when someone was able to push directly to the repo that I maintain.

Here is our discussion.

https://bitbucket.org/cleemesser/django-wsgiserver/issue/4/mediahandler-security-of-paths

Comments (5)

Michael Frauenholtz staff
In the admin section of that repository, is there anything listed under Access Management? That should let you know who has write access to that repository.
- 2013-02-11T17:37:23+00:00
Brian Nguyen
Hi,

I tried this out on my own public repository and I was unable to reproduce this scenario. A user should only be able to push to a repo if they have write access.

Could you please contact support@bitbucket.org. We will try and solve you issue from there.

Cheers, Brian
- 2013-02-12T19:49:19+00:00
Brian Nguyen
- changed status to on hold
- 2013-02-12T19:49:26+00:00
Erik van Zijst staff
- changed status to resolved
I'm preemptively resolving this as it's been over 2 weeks without further updates. Just reopen if you're still having problems.
- 2013-03-02T04:55:04+00:00
Erik van Zijst staff
- assigned issue to
  
  Erik van Zijst
- 2013-03-02T04:55:17+00:00
Log in to comment

Assignee: Erik van Zijst

Type: bug

Priority: major

Status: resolved

Component: –

Votes: 0

Watchers: 2

Jira Software: the preferred issue tracker for Bitbucket. Join the team!