Mike-EEE
My feedback
-
75 votes
An error occurred while saving the comment An error occurred while saving the comment Mike-EEE commented
I am not sure why I would want to by default publicly share a resource that can immediately be deleted. Maybe someone in OneDrive can explain the security thinking behind this so we can better understand why it is designed in such a way to expose such a massive vulnerability to our resources.
Mike-EEE shared this idea ·
-
52 votes
An error occurred while saving the comment Mike-EEE commented
Since this vote has been archived, I have recreated wholesale here:
https://onedrive.uservoice.com/forums/913531-onedrive-sharing-collaboration/suggestions/34847941-share-links-dangerously-default-to-view-and-editAn error occurred while saving the comment Mike-EEE commented
Truly. OneDrive now has syncing to your desktop and documents. One accidental right-click will give the entire world access to said resources but allow them to delete every file found within there.
Why would you want to Edit by default?
"According to Microsoft, the CVE-2020-0935 vulnerability, is a privilege elevation risk that exploits how the OneDrive for Windows desktop app handles symbolic links. If successfully exploited, an attacker could take control of the affected Windows system by overwriting a targeted file and gaining elevated status."