[pmwiki-users] Request for changing the default upload policy
Patrick R. Michaud
pmichaud at pobox.com
Wed Dec 21 12:17:55 CST 2005
On Wed, Dec 21, 2005 at 12:08:17PM -0600, Patrick R. Michaud wrote:
> Your points about the security implications of read-protected pages
> and attachments are quite valid, but I'm not sure that it's enough
> to warrant changing the default setting. In my experience most
> places that have read-protection do so on entire groups or the entire
> site and not individual pages (but I could be wrong about this also).
On the other hand, perhaps we could/should add an $EnableMaxSecurity=1;
to config.php that makes most of these and other security-related
settings the default, to change PmWiki's default permissiveness?
That is, with $EnableMaxSecurity enabled, editing would be locked by
default, uploads would default to per-page instead of per-group,
$EnableDirectDownload would be set to zero, etc. (Can anyone
think of any others...?)
Pm
More information about the pmwiki-users
mailing list