On Fri, Feb 24, 2012 at 09:21, Ludovic Dubost <[email protected]> wrote:
> -1 because allowing delete by default open as hole to guest and > crawlers in particular. > Very dangerous. We had the issue with "undelete" which does not follow > the same rule. > > I'm +1 for changing undelete to forbidden by default > > As for admin the only reason was to be able to fill the wiki in the > beginning. It's true that it's a hole too. > I'm +1 for changing admin to forbidden by default as our default wiki > has the right settings. > > It would be great though to have a better solution to fill the wiki > than using superadmin. > If we found a good way to have null be the superadmin when the wiki need it so, I am +1. But we really need to be sure this solution is safe and could not be triggered by trickery. > > Ludovic > > 2012/2/23 Andreas Jonsson <[email protected]>: > > -1 > > > > As I see it, it is the fact that admin right is allowed by default that > > is an irregularity. Currently, the initial import relies on these > > default admin rights, and it is expected that the imported contents > > configure the admin right appropriately. > > > > In a standard wiki-setting, I would expect that "delete", "admin", and > > "programming" are denied to most users and it seems to me natural that > > the default is "deny" for these. So if this is a matter of consistency, > > I would rather see a new mechanism (e.g., a special "uninitialized" > > state of the wiki) to make it possible to change the default to "deny" > > also for admin rights. > > > > Best Regards, > > > > Andreas > > > > 2012-02-23 16:02, Thomas Mortagne skrev: > >> Right now on an empty wiki you have all the rights except "delete" > >> (and register). > >> > >> So this means that you have "admin" right but you don't have "delete" > rights... > >> > >> This does not make much sense and I anyway I don't see why delete has > >> this special rule. > >> > >> Any idea ? > >> > >> Here is my +1 to remove the special handling of "delete" default right. > >> > > > > _______________________________________________ > > devs mailing list > > [email protected] > > http://lists.xwiki.org/mailman/listinfo/devs > > > > -- > Ludovic Dubost > Founder and CEO > Blog: http://blog.ludovic.org/ > XWiki: http://www.xwiki.com > Skype: ldubost GTalk: ldubost > _______________________________________________ > devs mailing list > [email protected] > http://lists.xwiki.org/mailman/listinfo/devs > -- Denis Gervalle SOFTEC sa - CEO eGuilde sarl - CTO _______________________________________________ devs mailing list [email protected] http://lists.xwiki.org/mailman/listinfo/devs
