Em Domingo 02 Setembro 2007 04:20, Ben Stallings escreveu: > CarlosAB wrote, > > > Is ZAP secure? I remember some long threads just talking about it. > > > > I'm sorry if it is not true, but that's how I remember it and the reason > > why I'm trying to code a registration recipe myself. > > For those who didn't read those long threads talking about ZAP security, > here's the quick summary: ZAP is based on the assumption that you will > only let people you trust edit pages on your wiki. Like CommentBox and > some other forms recipes, ZAP allows users without edit privileges to > write predetermined kinds of information to pages, but unlike those > other recipes, anyone *with* edit privileges can determine the kinds of > information that are written. So if you want your wiki to be open to > editing by any and every person and bot on the Internet, as it is by > default, then ZAP is not for you. > > However, if you only allow people you trust to edit pages, then ZAP is > as trustworthy as they are. Unfortunately installing ZAP does not lock > down your site; you have to do that yourself as a separate step. That's > part of why I plan to release a ZAP CMS bundle with all of that already > done, so that it can be secure out of the box. > > As for a separate registration recipe, that's great! I hope you will > make it compatible with the PmForms framework if possible. Thanks! > --Ben S.
Thanks for clearing it out Ben and I'll look for more information on PmForms. CarlosAB _______________________________________________ pmwiki-users mailing list [email protected] http://www.pmichaud.com/mailman/listinfo/pmwiki-users
