[pmwiki-users] global overview of passwords/authorizations

Joachim Durchholz jo at durchholz.org
Thu Jul 21 11:31:43 CDT 2005


Patrick R. Michaud wrote:

> Oh yeah -- who should be allowed to see the global overview password 
> settings...?  Should we allow it to anyone who has attr access to
> the page, or restrict it entirely to the admin password?  (It'll
> be configurable -- I'm just asking for the default behavior.)

People should be able to see what they can change.

I'm not sure how that translates to concrete authorisation levels :-)

I'm also not sure how easy it would be to implement - but I don't think 
the wiki admin is better equipped to make a decision, so it's really 
better if PmWiki did it automatically. It's always bad to ask 
administrators to define and implement a security policy - most don't 
have a good idea of the consequences, and the resulting uncertainty will 
(a) make them feel bad and (b) cause them to be overly restrictive.

Regards,
Jo




More information about the pmwiki-users mailing list