[Pmwiki-users] Re: Re: Uploading and password proctecting

Patrick R. Michaud pmichaud
Wed Jun 16 13:34:54 CDT 2004


On Wed, Jun 16, 2004 at 09:18:22PM +0200, Christian Ridderstr?m wrote:
> > > The drawback, as you mentioned further down, is that we loose the ability
> > > to use other tools for browsing uploaded files. 
> > 
> > Not at all.  Just because PmWiki tries to make certain directories
> > web-inaccessible by default doesn't mean they have to be that way
> > in order for things to work.  A wikiadministrator is always free to 
> > open up any directory to the web (and thus the tools that would be 
> > available from doing so).
> 
> I meant that we loose the ability if the upload directory is made 
> non-public (regardless if it's PmWiki that creates the .htaccess or the 
> administrator).

Uhhh, how does this invalidate my comment that a wikiadministrator can
still open up any directory to the web (in effect, overriding PmWiki's
default choice, whatever it ends up being)?  Or am I missing the point
entirely?

> > Nothing wrong with it, but here are the arguments against PmWiki using
> > that as the primary (or only) means of access control to uploads:
> [...]
> So you think it'd be worth the effort to implement some more advanced
> "file handling capabilities" then?  (Or just merge some other GPL'd tool
> that fits nicely)

No, I'm not advocating that at all.  I certainly don't have a need
for anything beyond what Apache already provides, and I haven't heard
strong enough declarations of "This needs to be core PmWiki functionality"
to make it worth the effort, especially since there are many other tools
available that can do a better job.

Pm



More information about the pmwiki-users mailing list