[pmwiki-users] Request for changing the default upload policy

[Mikael Nilsson]

ons 2005-12-21 klockan 12:17 -0600 skrev Patrick R. Michaud:
> 
> On the other hand, perhaps we could/should add an $EnableMaxSecurity=1;
> to config.php that makes most of these and other security-related
> settings the default, to change PmWiki's default permissiveness?
> 
> That is, with $EnableMaxSecurity enabled, editing would be locked by
> default, uploads would default to per-page instead of per-group,
> $EnableDirectDownload would be set to zero, etc.  (Can anyone 
> think of any others...?)

Actually, I find that ugly an non-intuitive (two ways of setting the
same variable - which takes precedence?).

No, a better approach might be to simply ship several sample configs,
such as

sampleconfig-simpleopen.php

sampleconfig-writeprotected.php

sampleconfig-maximumsecured.php

or whatever.

That has the following advantages:

1. An admin looking for a secure setup will *always* look at sample
configs.
2. The differences are explicit, not hidden behind a variable such as
$EnableMaxSecurity
3. You might want to exemplify different uses of AuthUser in the
different samples.
4. You can keep the simpleopen as the default

and more.

The above would more than satisfy me.

/Mikael

-- 
Plus ça change, plus c'est la même chose