Suggested messages possibly bypassing see-permissions?

I recently noticed that the suggested message following one of my PMs was in fact private between another admin and another user. Of course as admin I can see other people’s PMs, but it seems odd for them to be recommended to me?

It’s difficult to repro without impersonating a whole bunch of our users, which I’d obviously rather not do, but it has happened to me at least twice this week now with different users. I never noticed it happening before the most recent update.

This thread from 2017 suggested that the problem was solved at that time. We have currently worked around it by disabling Number of suggested topics shown at the bottom of a topic entirely.

Yeah, that seems strange to me, too. Just to double-check: are you in a group message? Sometimes I’ve wondered why I was being notified, and realized I was in a group on the message, but the group names don’t pop visually the same way, hence my confusion.

Recommending PMs without cause would be very confusing. :dizzy_face:

1 Like

No, this isn’t possible. Recategorizing to support.

I was reading a group message at the time, but the recommended message at the foot of it was not a group message.

I will go and repro then.

Related Messages is always messages with the same or a similar recipient list.
Suggested Messages does not have that restriction.

2 Likes

Thank you, it is reassuring to hear that it is in fact possible, and not just my imagination.

However, the lack of restriction on suggested messages seems like at best a breach of user trust and at worst a vulnerability. Even as admin, I shouldn’t be getting suggested private messages that aren’t for me and don’t @mention me. What is the reasoning behind allowing this? Does it only apply to staff accounts, or can all our users have other people’s private messages suggested to them?

This only applies to admin, not staff - admins can see all messages, moderators can only see messages with an active flag.

2 Likes
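The two replies above describe two separate rules: Related Messages is limited to messages with the same or a similar recipient list while Suggested Messages is not, and admins can open any message while moderators can only open messages with an active flag. The Ruby below is an added illustration written for this thread, not Discourse code; it models both rules with constructed sample data and shows why "the viewer is allowed to read it" and "the viewer should have it recommended" are different checks. The similarity threshold, the struct fields and the `participant_only` variant are assumptions, not Discourse settings.

```ruby
# Added example, not Discourse's own code. Models the distinction this
# thread turns on: a viewer who is *allowed* to read a personal message
# (authorization) versus a message that should be *suggested* to them
# (recommendation). All names and data are constructed for illustration.

Message = Struct.new(:id, :title, :participants, :flagged)
User    = Struct.new(:name, :role) # role is :admin, :moderator or :regular

# Authorization as the thread describes it: admins can open any message,
# moderators only messages with an active flag, everyone else only
# messages they are a recipient of.
def can_read?(user, msg)
  return true if msg.participants.include?(user.name)

  case user.role
  when :admin     then true
  when :moderator then msg.flagged
  else false
  end
end

# Jaccard similarity of two recipient lists: 1.0 = identical, 0.0 = disjoint.
def recipient_similarity(a, b)
  union = (a | b).size
  union.zero? ? 0.0 : (a & b).size.to_f / union
end

# "Related Messages": only messages whose recipient list is the same as or
# similar to the one currently open. The threshold is an assumption.
def related_messages(user, current, candidates, threshold: 0.5)
  candidates.select do |m|
    m.id != current.id &&
      can_read?(user, m) &&
      recipient_similarity(m.participants, current.participants) >= threshold
  end
end

# "Suggested Messages" as the reporter observed it: any readable message
# qualifies, so an admin is shown conversations they are not part of.
def suggested_messages_unrestricted(user, current, candidates)
  candidates.select { |m| m.id != current.id && can_read?(user, m) }
end

# The tightened variant the reporter asks for: readability is necessary but
# not sufficient; the viewer must also be a participant. Admin rights are
# ignored for recommendation purposes (an admin can still open any message
# by navigating to it directly, so no access is lost, only the unprompted
# exposure of other people's message titles).
def suggested_messages_participant_only(user, current, candidates)
  suggested_messages_unrestricted(user, current, candidates)
    .select { |m| m.participants.include?(user.name) }
end

# Constructed sample data.
SAMPLE_MESSAGES = [
  Message.new(1, "Group: release planning", %w[alice bob carol], false),
  Message.new(2, "Re: release planning",    %w[alice bob carol dave], false),
  Message.new(3, "Password reset help",     %w[bob erin], false),
  Message.new(4, "Reported post",           %w[frank grace], true),
].freeze

if __FILE__ == $PROGRAM_NAME
  admin   = User.new("alice", :admin)
  current = SAMPLE_MESSAGES.first
  puts "unrestricted:     " +
       suggested_messages_unrestricted(admin, current, SAMPLE_MESSAGES).map(&:title).inspect
  puts "participant-only: " +
       suggested_messages_participant_only(admin, current, SAMPLE_MESSAGES).map(&:title).inspect
end
```

Running it as admin `alice` while reading message 1 prints "Password reset help" and "Reported post" under the unrestricted rule (she can read them, so they are eligible) but only "Re: release planning" under the participant-only rule. A moderator who is not a participant is offered only the flagged message under the unrestricted rule and nothing under the participant-only rule. The point for a site owner is that the `can_read?` check alone decides what the suggestion list exposes; adding the participation check removes the exposure without touching admin read access.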

Thank you for the quick reply. However, I still don’t see what the aim is of actively suggesting other people’s private messages to admin (while showing the title of the message). It still looks like a breach of trust or a vulnerability, and as such, something that should be removed.

2 Likes

They aren’t called private messages for that reason. Discourse doesn’t use that term at all.

Admins can read any personal message and access any protected category.

If you’re worried about entering topics that you shouldn’t, your daily account doesn’t need to be an admin. Create an additional account to execute your admin tasks, and run your regular account as TL4/Moderator.

1 Like