Le 09/09/2024 à 18:59, Jacques Le Roux a écrit :
i wonder why even admin lack some permission,

It's because webshell uploads are devastating. They easily lead to RCE.
If for some reason we face a post-authN attack, we can't trust any 
authentication.
And SecuredUpload is already enough complex.
Also remember that admin is a demo data and those should never be used in 
production

Reply via email to