Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

A feature request that is a security bug… Why?

Xavier Delligne March 3, 2024

https://jira.atlassian.com/browse/CONFCLOUD-57825

Restrict access to Service Desk knowledge base spaces to Service Desk customers only

 

Currently, when linking a Confluence Space to Service Desk the setting "Any active user can view this space" is enabled automatically in the Confluence space. That means, that any Confluence users, regardless of not being Service Desk customers will be able to view the space, regardless of the space permissions.

I have the same problem, I should use a specific restriction on pages in each space as a workaround (a lot a work time and risk). This is clearly a security hole and not a « feature »… I don’t understand.


There is a ticket created in 2017 !!!!

Please come and vote for change, or please, Atlassian, change the ticket into a bug (as a feature, we may have to wait a long time yet...).

 

Thank you

1 comment

Xavier Delligne March 14, 2024

Personally, I think there's a clear lack of centralised access management that really works (without counter-intuitive settings). 

It would have been interesting to get a response from Atlassian on this subject. But given that this is wrongly considered to be a feature, I doubt that this flaw will ever be corrected. Too bad.

Comment

Log in or Sign up to comment
TAGS
AUG Leaders

Atlassian Community Events