Is this secure ? (privacy rules)

Hi Bubblers

Question related to privacy and security, if someone can help it would be much appreciated :slight_smile:

I have a privacy rule where where “everyone else” can view some data.
For example the datatype is “company”, and the fields checked as “everyone can see” are “company_name”, “company_industry”, etc…
I unchecked “find this in search”

I have a page on my app where content-type is this datatype (company)

As far as I understand, user accessing this page with the correct link (meaning displaying the datatype unique ID, So for example : mybubbleapp.io/company/123456789x987654321)
will be able to see the data needed (company_name value of this company, company_industry value of this company).

And an attaquant could not retrieve any other data from other company as they could not search for it. Is it correct ? Is there anything else to pay attention for ?

Many thanks

This topic was automatically closed after 70 days. New replies are no longer allowed.