Allow custom view to show data to anonymous user (without 'View site reports' permission)

Created on 24 May 2024, 4 months ago
Updated 25 May 2024, 4 months ago

Problem/Motivation

We'd like to make a custom View that uses data from the Entity Delete Log to share data with anonymous users, without giving anonymous users the 'View site reports' permission (as needed since the security fix in 1.1.1).

Steps to reproduce

Make (or duplicate) a Page View that uses this module's data and set the access permissions to 'Unrestricted'. The page will load for anonymous users, but they cannot see the (most recent) data.
Interestingly, they do get to see whatever data was last generated when an authorized user loaded the view, so there seems to be some caching of query results happening that can leak data to unauthorized users. Will generate a bug report for that.

Proposed resolution

Not sure what the best course of action is. Maybe a new permission that is specific to the Entity Delete Log module (instead of the more general 'View site reports' permission that introduces security risks)?

Remaining tasks

User interface changes

API changes

Data model changes

Feature request
Status

Closed: works as designed

Version

1.1

Component

Code

Created by


Comments & Activities

  • Issue created by @Ovquiaf
  • Status changed to Closed: works as designed 4 months ago
  • Sorry, ignore this feature request. I misunderstood the security fix; it is possible to make the view available for anonymous users by setting the access permissions of the view. The problem I'm having is that the contents of the view are not refreshed when I make a view that has broader access permissions. I'll file a bug report for this.
