[wicked] wicked page security

Brian Martinez martinez_brain at hotmail.com
Thu Apr 14 14:25:11 PDT 2005


All,

This is an excerpt from an email that I received from my manager regarding
the Wiki. It may be a problem that requires examination, as it may provide
users the capability to end-run security.

>I just stumbled on an interesting "security hole" in the wiki.  I was
>reviewing some of Tuna's docs on the STB ops and clicked on recent
>additions.  I noticed that everything was either yours or guest.  However
>there was one doc called ShoDaHo.  Naturally, curiosity killed the cat (and
>innocence).  So, I clicked on the doc name to check it out.  Not too
>surprisingly, I was denied access.  However, I was able to view the diffs
>(red and blue glass)  which gave me full access to the w"hole" doc (pun
>intended).  Somehow I don't think this is an intended 'feature'.

V/R,
Brian



