Oct 21, 2010 at 8:20 AM
Edited Oct 21, 2010 at 8:23 AM
has anyone any ideas on how to close the security loophole that allows the end user to bypass the sharepoint security. This can be acheived by carrying out the following:
Navigate to 'Podcasts' page.
Select any of the videos to play.
Right click on download and select 'Properties'.
Copy the URL and paste it into another browser session.
Trim off the last bit of the URL - it will be something like '?=&mode=Play-Download'.
It looks like what happens here is that the IIS and file level security takes over and Sharepoint access policies are ignored. Maybe I have missed something during instalation.
Hope to hears from others who may have the same concerns.
Thanks in advance,