24 Feb
2012
24 Feb
'12
11:21 a.m.
On Fri, Feb 24, 2012 at 09:21, Ludovic Dubost <ludovic(a)xwiki.com> wrote:
-1 because allowing delete by default open as hole to
guest and
crawlers in particular.
Very dangerous. We had the issue with "undelete" which does not follow
the same rule.
I'm +1 for changing undelete to forbidden by default
As for admin the only reason was to be able to fill the wiki in the
beginning. It's true that it's a hole too.
I'm +1 for changing admin to forbidden by default as our default wiki
has the right settings.
It would be great though to have a better solution to fill the wiki
than using superadmin.
If we found a good way to have null be the superadmin when the wiki need it
so, I am +1.
But we really need to be sure this solution is safe and could not be
triggered by trickery.
Ludovic
2012/2/23 Andreas Jonsson <aj(a)member.fsf.org>rg>:
--
Ludovic Dubost
Founder and CEO
Blog: http://blog.ludovic.org/
XWiki: http://www.xwiki.com
Skype: ldubost GTalk: ldubost
_______________________________________________
devs mailing list
devs(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/devs
--
Denis Gervalle
SOFTEC sa - CEO
eGuilde sarl - CTO
-1
As I see it, it is the fact that admin right is allowed by default that
is an irregularity. Currently, the initial import relies on these
default admin rights, and it is expected that the imported contents
configure the admin right appropriately.
In a standard wiki-setting, I would expect that "delete", "admin",
and
"programming" are denied to most users and it seems to me natural that
the default is "deny" for these. So if this is a matter of consistency,
I would rather see a new mechanism (e.g., a special "uninitialized"
state of the wiki) to make it possible to change the default to "deny"
also for admin rights.
Best Regards,
Andreas
2012-02-23 16:02, Thomas Mortagne skrev:
> Right now on an empty wiki you have all the rights except "delete"
> (and register).
>
> So this means that you have "admin" right but you don't have
"delete"
rights...
This does not make much sense and I anyway I don't see why delete has
this special rule.
Any idea ?
Here is my +1 to remove the special handling of "delete" default right.
_______________________________________________
devs mailing list
devs(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/devs