[Pmwiki-users] Re: Re: Uploading and password proctecting
Patrick R. Michaud
pmichaud
Wed Jun 16 13:34:54 CDT 2004
On Wed, Jun 16, 2004 at 09:18:22PM +0200, Christian Ridderstr?m wrote:
> > > The drawback, as you mentioned further down, is that we loose the ability
> > > to use other tools for browsing uploaded files.
> >
> > Not at all. Just because PmWiki tries to make certain directories
> > web-inaccessible by default doesn't mean they have to be that way
> > in order for things to work. A wikiadministrator is always free to
> > open up any directory to the web (and thus the tools that would be
> > available from doing so).
>
> I meant that we loose the ability if the upload directory is made
> non-public (regardless if it's PmWiki that creates the .htaccess or the
> administrator).
Uhhh, how does this invalidate my comment that a wikiadministrator can
still open up any directory to the web (in effect, overriding PmWiki's
default choice, whatever it ends up being)? Or am I missing the point
entirely?
> > Nothing wrong with it, but here are the arguments against PmWiki using
> > that as the primary (or only) means of access control to uploads:
> [...]
> So you think it'd be worth the effort to implement some more advanced
> "file handling capabilities" then? (Or just merge some other GPL'd tool
> that fits nicely)
No, I'm not advocating that at all. I certainly don't have a need
for anything beyond what Apache already provides, and I haven't heard
strong enough declarations of "This needs to be core PmWiki functionality"
to make it worth the effort, especially since there are many other tools
available that can do a better job.
Pm
More information about the pmwiki-users
mailing list