Handle Dead Email Addresses More Gracefully #102

@j-frost


Expected Behavior

When requesting access to a secret, SMTP bounce messages caused by f.i. dead email addresses are swallowed by TeamVault.

Actual Behavior

TeamVault tries to send notifications to all users, adding them all via SMTP TO. When such a mail subsequently bounces because one of the TOs is 505 undeliverable, the sender is notified by whatever mail server is configured for TeamVault directly.

Steps to Reproduce the Problem

  1. Grant a user access to a secret who has some invalid email address configured.
  2. Request access to the secret using some as-of-yet unprivileged user with a valid inbox.
  3. Observe that second user's inbox. The bounce message leaks who the requested secret belongs to, including their email addresses.

Specifications

  • Version: 0.7.3
  • Platform: //S
  • Subsystem: mailer-daemon
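
One way to avoid the leak described in this issue, as an added example (not TeamVault's code and not from the issue author): send one message per recipient instead of a shared To list, and use a system-owned envelope sender so bounces never reach the requesting user. `BOUNCE_ADDRESS`, the function names and the message wording are assumptions made for illustration.

```python
import smtplib
from email.message import EmailMessage
from email.utils import parseaddr

# Assumption: a system-owned mailbox that collects bounces (hypothetical name).
BOUNCE_ADDRESS = "bounces@teamvault.example"


def build_access_request_mails(requester, secret_name, recipients):
    """Return one (envelope_from, envelope_to, message) triple per recipient.

    Every message names a single recipient, and the envelope sender (where
    the MTA delivers bounces) is the system mailbox, never the requester.
    """
    mails, seen = [], set()
    for rcpt in recipients:
        addr = parseaddr(rcpt)[1].lower()
        if "@" not in addr or addr in seen:
            continue  # skip malformed or duplicate addresses
        seen.add(addr)
        msg = EmailMessage()
        msg["From"] = BOUNCE_ADDRESS
        msg["To"] = addr
        msg["Subject"] = f"Access request for '{secret_name}'"
        msg["Auto-Submitted"] = "auto-generated"  # RFC 3834
        msg.set_content(f"{requester} requests access to '{secret_name}'.\n")
        mails.append((BOUNCE_ADDRESS, addr, msg))
    return mails


def deliver(smtp, mails):
    """Send each mail on its own; return addresses refused at SMTP time.

    `smtp` is a connected smtplib.SMTP (or compatible) object. Later,
    asynchronous bounces go to BOUNCE_ADDRESS because it is the envelope sender.
    """
    dead = []
    for env_from, env_to, msg in mails:
        try:
            smtp.send_message(msg, from_addr=env_from, to_addrs=[env_to])
        except smtplib.SMTPRecipientsRefused:
            dead.append(env_to)  # for an admin log, not for the requester
    return dead
```
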
