[pmwiki-users] protection of "SideBar" ?
Patrick R. Michaud
pmichaud at pobox.com
Mon Apr 17 10:47:41 CDT 2006
On Mon, Apr 17, 2006 at 09:36:52AM -0400, Sandy wrote:
> Is SideBar still an exception? I thought the plan had been that the
> entire Site group could be locked down with one instruction.
Prior to 2.1, the default password for Site.SideBar was set to 'nopass',
which meant that anyone could edit the Site.SideBar page even if
there was a password on the Site group or for the site-wide default.
In other words, setting
$DefaultPasswords['edit'] = crypt('edit_password');
would still leave the Site.SideBar page editable (because page passwords
override group or sitewide defaults).
As of 2.1, the default password for Site.SideBar is set to '@_site_edit',
which says to inherit the site-wide default edit password. Thus,
the $DefaultPasswords line will also have the effect of preventing
editing of the SideBar except to those who could otherwise edit pages
in the site. As before, the admin can explicitly set a password on
Site.SideBar, or can clear it to cause it to use any password set
for the Site group.
Pm
More information about the pmwiki-users
mailing list