Uploaded image for project: 'Bitbucket Cloud'
  1. Bitbucket Cloud
  2. BCLOUD-9181

Public Wikis on Private Repos are world writeable

    XMLWordPrintable

Details

    Description

      As noted in the comments for Issue BCLOUD-2462:

      https://confluence.atlassian.com/display/BITBUCKET/Repository+privacy,+permissions,+and+more#Repositoryprivacy,permissions,andmore-HowPermissionsworkforIssueTrackersandWikis claims that one can set the repo private and the wiki public to limit writes but allow public reading of the wiki. But with that setup, it is still possible for anyone to modify the wiki by clone, commit, and push.

      IMHO, this is a major bug – anyone can deface public wikis that are supposed to be read-only – it's not just a feature request like issue BCLOUD-2462.

      Attachments

        Activity

          People

            Unassigned Unassigned
            Anonymous Anonymous
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: