Ok, so I sent the note below yesterday, but for some reason it never left my outbox. Maybe I can blame the "galactic e-mail monster" for doing something to my e-mail (or maybe the fact they were upgrading our e-mail servers yesterday). ;-) So, I sent this message yesterday. This is the fix I found: I'm using the www.pmwiki.org/wiki/Cookbook/AutoRestore <http://www.pmwiki.org/wiki/Cookbook/AutoRestore> (autorestore) function, which will automatically restore my example.GroupAttributes page, the only issue with that is that someone in the system could potentially lock different groups for a few minutes until autorestore has made its way back into the system. If anyone has a better suggestion, please let me know. Thanks, Chris Dear all, By now you are probably getting a little tired of my posts. I apologize for this, but in getting ready for my site to go live I need most of the kinks worked out. Anyway, this one should be rather simple. I just noticed today a potential problem (for many others beyond me). If I setup a group to be easily edited for my users (they can read, edit, attr. and upload) it has a potential problem. The point is that if I go to example.GroupAttributes and set the group attributes to @nopass, then that means that people can also go into my example.GroupAttributes page and set the attributes for the entire group, thus a possible security risk (and defeating the purpose of making it publicly available). Suggestions? What has anyone done to avoid this issue? Thanks, Chris
_______________________________________________ pmwiki-users mailing list [email protected] http://www.pmichaud.com/mailman/listinfo/pmwiki-users
