Details
-
Bug
-
Resolution: Duplicate
-
Medium
Description
As noted in the comments for Issue BCLOUD-2462:
https://confluence.atlassian.com/display/BITBUCKET/Repository+privacy,+permissions,+and+more#Repositoryprivacy,permissions,andmore-HowPermissionsworkforIssueTrackersandWikis claims that one can set the repo private and the wiki public to limit writes but allow public reading of the wiki. But with that setup, it is still possible for anyone to modify the wiki by clone, commit, and push.
IMHO, this is a major bug – anyone can deface public wikis that are supposed to be read-only – it's not just a feature request like issue BCLOUD-2462.