Could someone please try if the following line works as expected ?
$HandleAuth['crypt'] = 'edit';
Even with this line in config.php, users seem to be able to use
action=crypt even when they have no edit rights.
Thank you in anticipation.
Christophe
On Sat, Mar 01, 2008 at 09:53:56PM +0100, Christophe David wrote:
Could someone please try if the following line works as expected ?
$HandleAuth['crypt'] = 'edit';
Even with this line in config.php, users seem to be able to use
action=crypt even when they have no edit rights.
The
$HandleAuth['crypt'] = 'edit';
Even with this line in config.php, users seem to be able to use
action=crypt even when they have no edit rights.
The ?action=crypt is handled somewhat specially, in that it
doesn't bother to check permissions on any page before being
able to run it. There