diff --git a/lib/export.php b/lib/export.php
index 9797498d..404d945d 100644
--- a/lib/export.php
+++ b/lib/export.php
@@ -19,13 +19,14 @@ class OC_Calendar_Export{
 * @brief export a calendar or an event
 * @param integer $id id of calendar / event
 * @param string $type use OC_Calendar_Export constants
+ * @param boolean $security true: check access class; false: don't (used mainly with link-sharing)
 * @return string
 */
- public static function export($id, $type) {
+ public static function export($id, $type, $security=true) {
 if($type == self::EVENT) {
- $return = self::event($id);
+ $return = self::event($id, $security);
 }else{
- $return = self::calendar($id);
+ $return = self::calendar($id, $security);
 }
 return self::fixLineBreaks($return);
 }
@@ -33,14 +34,15 @@ class OC_Calendar_Export{
 /**
 * @brief exports a calendar and convert all times to UTC
 * @param integer $id id of the calendar
+ * @param boolean $security true: check access class; false: don't (used mainly with link-sharing)
 * @return string
 */
- private static function calendar($id) {
+ private static function calendar($id, $security=true) {
 $events = OC_Calendar_Object::all($id);
 $calendar = OC_Calendar_Calendar::find($id);
 $return = "BEGIN:VCALENDAR\nVERSION:2.0\nPRODID:ownCloud Calendar " . OCP\App::getAppVersion('calendar') . "\nX-WR-CALNAME:" . $calendar['displayname'] . "\n";
 foreach($events as $event) {
- $return .= self::generateEvent($event);
+ $return .= self::generateEvent($event, $security);
 }
 $return .= "END:VCALENDAR";
 return $return;
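Review bot: `export()` is public and forwards `$security` unchanged to `calendar()`, so any caller passing `false` with a calendar type gets every event emitted without the access-class check or `cleanByAccessClass()`. The "single event only" rule exists only as a comment in `generateEvent()` and in the one call site in share.php; nothing in this class enforces it. Enforce it where the flag enters: in the else branch use `$return = self::calendar($id, true);`, and drop the `$security` parameter from `calendar()` in the second hunk so that a whole-calendar export can never run unchecked.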
@@ -49,12 +51,13 @@ class OC_Calendar_Export{
 /**
 * @brief exports an event and convert all times to UTC
 * @param integer $id id of the event
+ * @param boolean $security true: check access class; false: don't (used mainly with link-sharing)
 * @return string
 */
- private static function event($id) {
+ private static function event($id, $security=true) {
 $event = OC_Calendar_Object::find($id);
 $return = "BEGIN:VCALENDAR\nVERSION:2.0\nPRODID:ownCloud Calendar " . OCP\App::getAppVersion('calendar') . "\nX-WR-CALNAME:" . $event['summary'] . "\n";
- $return .= self::generateEvent($event);
+ $return .= self::generateEvent($event, $security);
 $return .= "END:VCALENDAR";
 return $return;
 }
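Review bot: The header line in `event()` writes `$event['summary']` into `X-WR-CALNAME` before `generateEvent()` runs, so the new `$security` flag does not cover it. When the access-class check makes `generateEvent()` return `''`, the summary has already been placed in the output. Whether a non-owner can reach this path with `$security` true is not visible in the hunk, but the check and the header should agree. Call `$body = self::generateEvent($event, $security);` first and emit the summary only when `$body !== ''`, falling back to a fixed calendar name otherwise. The summary is also interpolated raw, so confirm that `fixLineBreaks()` (not shown) neutralises embedded line breaks.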
@@ -62,22 +65,32 @@ class OC_Calendar_Export{ /** * @brief generates the VEVENT/VTODO/VJOURNAL with UTC dates * @param array $event + * @param boolean $security true: check access class; false: don't (used mainly with link-sharing) * @return string */ - private static function generateEvent($event) { + private static function generateEvent($event, $security=true) { $object = OC_VObject::parse($event['calendardata']); if(!$object){ return false; } - $sharedAccessClassPermissions = OC_Calendar_Object::getAccessClassPermissions($object); - if(OC_Calendar_Object::getowner($event['id']) !== OCP\User::getUser()){ - if (!($sharedAccessClassPermissions & OCP\PERMISSION_READ)) { - return ''; - } - } - $object = OC_Calendar_Object::cleanByAccessClass($event['id'], $object); + # handle with care! if $security is false, private events can get published + # this should be used only with link-shared event (not calendar! *concrete event*!) + if ($security) { + // access permissions + $sharedAccessClassPermissions = OC_Calendar_Object::getAccessClassPermissions($object); + if(OC_Calendar_Object::getowner($event['id']) !== OCP\User::getUser()){ + if (!($sharedAccessClassPermissions & OCP\PERMISSION_READ)) { + return ''; + } + } + + // data clean-up + $object = OC_Calendar_Object::cleanByAccessClass($event['id'], $object); + } + + // handle the data itself if($object->VEVENT){ $dtstart = $object->VEVENT->DTSTART; $start_dt = $dtstart->getDateTime(); diff --git a/share.php b/share.php index 5ef42c2e..c8053299 100644 --- a/share.php +++ b/share.php 
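Review bot: With `$security` false, `generateEvent()` skips `cleanByAccessClass()` as well as the READ check, yet the only warning is a `#` comment inside the body. The `@param` line that callers actually read says just "false: don't". Move the warning into the docblock, for example `@param boolean $security false skips the access-class check and the clean-up, publishing the event's full data; only for a single link-shared event`. Use `//` for the inline comment, matching the other comments this hunk adds. The function body continues past the end of the hunk.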
@@ -128,7 +128,10 @@ if (isset($rootLinkItem)) { } header('Content-Type: text/calendar'); header('Content-Disposition: inline; filename=' . str_replace(' ', '-', $data['displayname']) . '.ics'); - echo OC_Calendar_Export::export($rootLinkItem['item_source'], $type); + // export the data + // if it is a link-shared concrete event, ignore security + // calendars should be shared *with* security enabled, so as to not divulge private/busy events + echo OC_Calendar_Export::export($rootLinkItem['item_source'], $type, ($type !== OC_Calendar_Export::EVENT) ); exit(); // Display the calendar @@ -156,11 +159,6 @@ if (isset($rootLinkItem)) { } elseif ($linkItem['item_type'] === 'event') { OCP\Util::addStyle('calendar', 'style'); OCP\Util::addStyle('calendar', 'tooltips'); - //OCP\Util::addscript('', 'jquery.multiselect'); - //OCP\Util::addStyle('', 'jquery.multiselect'); - //OCP\Util::addscript('calendar','jquery.multi-autocomplete'); - //OCP\Util::addscript('','tags'); - //OCP\Util::addscript('calendar','on-event'); OCP\App::setActiveNavigationEntry('calendar_index'); $tmpl = new OCP\Template('calendar', 'event', 'user'); $tmpl->assign('link_shared_event', $linkItem);
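Review bot: The access-class check is switched off whenever `$type` equals `OC_Calendar_Export::EVENT`, but the assignment of `$type` lies outside this hunk. If `$type` can ever differ from the share record's own item type, `$rootLinkItem['item_source']` would be exported as an event id with no permission check at all. Derive the flag from the share record itself, as the later branch does with `$linkItem['item_type'] === 'event'`, and confirm that the link can only have been created by someone entitled to the full event data. The strict `!==` here and the loose `==` in `export()` can disagree on a type mismatch; that case fails closed, but using the same comparison in both places removes the ambiguity.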