[kronolith] Shared Calendars Permissions Not Secure?

[Derek J. Balling]

I have two users in this example, "dballing" and "testuser". "dballing" 
is an admin, "testuser" is not.


"dballing" creates a shared calendar "dballingtestcal", and sets 
default permissions of "Show" and "Read" on it.

"testuser" now sees that calendar and its events as available for him 
to view (yayyyy!), *but* he can also go into "Edit My Calendars", see 
the calendar in there, and edit its permissions, etc. etc. as well 
(boooooo!)

Have I got something horribly misconfigured? Is this a known or unknown 
bug?

Thanks for all the great work on shared calendaring, so far, though. :-)

D