Server 0.8.3: user can delete empty dirs w/o permission
|Reported by:||ruisa||Owned by:|
|Keywords:||Cc:||ruisa, Tim Kosse|
|Component version:||Operating system type:|
|Operating system version:|
Having setup a user with only permission to read files
and list directories/subdirs, this user can still DELETE
directories on the server as long as they are empty.
If I have an elaborate structure of directories on my
server that for some reason are temporarily empty, any
user can DELETE this whole directory structure without
having permission to do so as a result of this bug.