no field security with csv export
Bug #854849 reported by invitu on 2011-09-20
This bug affects 3 people
|||Odoo GTK Client (MOVED TO GITHUB)||
|OpenERP's Framework R&D|
Field security is not managed in csv exporting.
If a user has not the right to access to a field in an object (for example standard price in products), he can export the data with gtk client.
This is a security hole
|Changed in openobject-client:|
|assignee:||nobody → OpenERP's Framework R&D (openerp-dev-framework)|
|importance:||Undecided → Wishlist|
|status:||New → Confirmed|
Olivier Dony (Odoo) (odo-openerp) on 2011-09-21
|security vulnerability:||yes → no|
|visibility:||private → public|
To post a comment you must log in.