Aprotim (herbie) wrote in lj_dev,

Post security issue

I am a member of many communities,as well as the moderator of a few. Somebody pointed this possibility out to me, and I was wondering if anybody felt like tackling this issue.

I list communities as friends, so I can read them in my friends page, but I just realized that if I post something in my journal for friends-only, the owner of those communities can view my friends-only posts by logging in as the community. Not a huge concern for me, but it may be for some people.

Perhaps some server code to prevent this? Or at least a caveat on the friends adding page? Hmm.

  • Post a new comment


    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded