[pmwiki-users] global overview of passwords/authorizations
Joachim Durchholz
jo at durchholz.org
Thu Jul 21 11:31:43 CDT 2005
Patrick R. Michaud wrote:
> Oh yeah -- who should be allowed to see the global overview password
> settings...? Should we allow it to anyone who has attr access to
> the page, or restrict it entirely to the admin password? (It'll
> be configurable -- I'm just asking for the default behavior.)
People should be able to see what they can change.
I'm not sure how that translates to concrete authorisation levels :-)
I'm also not sure how easy it would be to implement - but I don't think
the wiki admin is better equipped to make a decision, so it's really
better if PmWiki did it automatically. It's always bad to ask
administrators to define and implement a security policy - most don't
have a good idea of the consequences, and the resulting uncertainty will
(a) make them feel bad and (b) cause them to be overly restrictive.
Regards,
Jo
More information about the pmwiki-users
mailing list