Submitted by ADobkin on Wed, 01/03/2007 - 15:49
When creating a new mailbox user in Virtualmin 3.31, the following option appears:
Allow access to web directories
In the list below, web directories appear system-wide, i.e. for other users that are not part of this virtual server. This appears to be a potential security hole, and at the very least, it exposes data about other clients.
Status:
Closed (fixed)