> > Any user who can create a Resource with the rt/danger resource type > can execute the DangerousServlet. Same for scripts. >
To be clear though, a user can create a resource with a rt/danger resourceType but they can't execute it unless they have permission to execute the rt/danger resource. We do this for our script under /apps/ where we prevent access to certain groups so that even if they create the resource that references it, it won't work for them. - Jason
