Skip to:
Content
Pages
Categories
Search
Top
Bottom

Admin accounts can read other users' private messages via Notifications tab


  • vitamincee
    Participant

    @vitamincee

    We just noticed on our Buddypress site that when an Admin user clicks on another user’s profile, and then to the Notifications tab, they can then read the private messages of other users.

    The URL changes from /members/the-user-account/notifications/read/ to /members/the-admin-account/messages/view/message#, and shows the admin’s profile, but feeds the user’s message.

    I’m wondering if this is a known bug? I searched the forum but did not find anything about this.

    Thanks!

Viewing 16 replies - 1 through 16 (of 16 total)

  • Henry Wright
    Moderator

    @henrywright

    Hi @vitamincee

    As an admin, you have access to your member’s private messages. That’s by design. Why would you want to restrict access to anything for an admin account?


    bp-help
    Participant

    @bphelp

    @vitamincee
    As @henrywright mentioned that is by design. Otherwise how would you be able to solve issues between users as an admin if one of your users complains that another user is sending harassing private messages. If you was locked out of viewing the private messages as an admin then you really couldn’t determine if its a legit complaint or someone just causing drama.


    rosyteddy
    Participant

    @rosyteddy

    Imho, it is a debatable issue. Is the software/program designed such as to allow the admin to read PM only if there is a complaint ? Is it explicit in the terms and conditions that admin can read PM in which case some users may not like to register?

    An user should have initial ways of blocking another harassing users like ello.co does rather than admin jumping into read PMs. In some countries it may be illegal or serious breach of privacy issues. Then there are much “grey” areas as to what is “drama” or what is a “legit” complaint.

    Also see this and this.


    bp-help
    Participant

    @bphelp

    @rosyteddy
    I suppose that is why a site owner should seek legal advice when creating a sites “Terms of Service” and “Privacy policy.” I seriously doubt any ethical admin would be reading other users PM’s without just cause or if they were served a court subpoena to access the PM’s.


    vitamincee
    Participant

    @vitamincee

    The part which made me think it was a bug was when I opened the test user’s message from viewing their profile, it brought me to my own profile, but displayed the user’s messages.

    We have over 20 admins and over 35k users – it’s a huge site. I’d prefer it if admins could not read messages, but it’s not a huge deal.


    rosyteddy
    Participant

    @rosyteddy

    @vitamincee

    it brought me to my own profile, but displayed the user’s messages.

    If you can read an user A’s message from user A’s profile, that may be by design. But if it is from your profile it may be a bug. What are the steps to reproduce and in which version – with these facts you may consider submitting a ticket. Thanks.


    vitamincee
    Participant

    @vitamincee

    I can read another user’s message list from their profile, and when I click on the message to read it, it brings the message up but within my own profile. I’m happy to submit a ticket.


    Henry Wright
    Moderator

    @henrywright

    @-vitamincee just wondering about your permissions scheme. Would the 20 + admin accounts you have set up would be better off as editors? If a particular user doesn’t need certain permissions then it’s a good idea to not award them. Usually this is done for both security reasons and to ensure there’s less chance of somebody breaking something inadvertently.


    mcpeanut
    Participant

    @mcpeanut

    @vitamincee @henrywright @bphelp

    The part which made me think it was a bug was when I opened the test user’s message from viewing their profile, it brought me to my own profile, but displayed the user’s messages.

    Hmm i too noticed this recently, i cannot remember when though, i also had the same thing happen when viewing a test users profile and clicking a message and thought it was strange.

    I will have to investigate it further and try to see if it is still happening and let you guys know.

    I also agree that being able to disable admins the right to view these messages would be great too.

    .” I seriously doubt any ethical admin would be reading other users PM’s without just cause or if they were served a court subpoena to access the PM’s.

    Ethical or not you will always get people that abuse privileges given to them and keep it quiet, this is human nature, we don’t all think the same and what is Ethical to one person is not Ethical to another.

    Maybe there should be better ways to give users moderator capability’s that doesn’t mean giving them full admin rights, at least this way only the actual site admin has access to doing this in-case it is in-fact ever needed for legal reasons etc?


    vitamincee
    Participant

    @vitamincee

    Totally aware of the too many admins issue. Right now most of them need admin access to be able to edit user accounts, grant contributor/author access, etc. I’m working on making that a bit more streamlined and knocking down folks to editor.


    mcpeanut
    Participant

    @mcpeanut

    @vitamincee You should always be very very cautious who you make a site admin, this role should not be given out lightly to users you “think” you can trust, you should look at a few role editor plugins which will allow you to create new roles and edit every part of the privileges that role is granted.


    vitamincee
    Participant

    @vitamincee

    @mcpeanut Thanks, and like I said I’m aware of the issue of too many admins. I’ve been working with WordPress for over 10 years, I know about roles and capabilities. This is a site that I help out with – not my personal site, and there are a lot of moving parts.

    I am curious if you can replicate this odd behavior, thanks for investigating.


    bp-help
    Participant

    @bphelp

    @mcpeanut
    While I appreciate your concern on the OP’s topic you should also be aware that most social network admins including the big ones you may be using have access to PM’s as well as IP’s and Internet Service Providers. If your that paranoid about who has access to your data then I suppose the best policy would be not to volunteer it by joining in the first place of course this is just my honest opinion.

    The part which made me think it was a bug was when I opened the test user’s message from viewing their profile, it brought me to my own profile, but displayed the user’s messages.

    I can’t replicate this behavior but as an admin I can go to a members PM’s they have sent and view them. It didn’t take me as an admin to my own profile and show up in my PM’s.


    mcpeanut
    Participant

    @mcpeanut

    @bphelp

    While I appreciate your concern on the OP’s topic you should also be aware that most social network admins including the big ones you may be using have access to PM’s as well as IP’s and Internet Service Providers. If your that paranoid about who has access to your data then I suppose the best policy would be not to volunteer it by joining in the first place of course this is just my honest opinion.

    Hey bphelp i think you missread what i was getting at bro 🙂

    Maybe there should be better ways to give users moderator capability’s that doesn’t mean giving them full admin rights

    If you read the quote above from my reply i was talking about vitamincee having to have lots of admins on her site which is what i dont agree with just to do things buddypress related.

    If your that paranoid about who has access to your data then I suppose the best policy would be not to volunteer it by joining in the first place of course this is just my honest opinion.

    I have to agree with you on this, If a user joins your or any other site he or she has to accept the way it is run in my opinion. And i understand the network admin should be able to see everything that is going on throughout the site incase anything needs to be dealt with. I was just trying to tell vitamincee that she should not hand out admin privileges unless she is 100 percent certain of the user she entrusts with these privileges (one bad egg can make you sick). I do think the way to go rather than give people full admin rights its via role editors which is what i use in all my projects, this way you control with fine detail what a user is allowed to do.


    bp-help
    Participant

    @bphelp

    @mcpeanut @vitamincee
    Just out of curiosity what role editors are you referring to so the OP can explore that route and can these role editors allow you to assign moderators that wouldn’t have full admin rights? For instance could you as an admin assign a moderator that could edit the activity stream and forum topics without them being able to view the other users PM’s? If so that may be what the OP needs. Thanks!


    Anonymous User 14034920
    Inactive

    @anonymized-14034920

    Hi everybody,

    is there anything new with the problem? I have the same problem in my BP-installation:
    When I view the profil of one user and type /messages in the URL, I stay on the profile site of the user but see my own messages instead of the messages the user recieved.

    I’d be happy for any hints.

    Greetings
    Miriam

Viewing 16 replies - 1 through 16 (of 16 total)
  • The topic ‘Admin accounts can read other users' private messages via Notifications tab’ is closed to new replies.
Skip to toolbar