Le 09/09/2024 à 18:59, Jacques Le Roux a écrit :
i wonder why even admin lack some permission,It's because webshell uploads are devastating. They easily lead to RCE. If for some reason we face a post-authN attack, we can't trust any authentication. And SecuredUpload is already enough complex.
Also remember that admin is a demo data and those should never be used in production