[Moin-user] Does this security setup sound good?

Thomas Waldmann tw-public at gmx.de
Tue Apr 25 03:23:00 EDT 2006


> 1) in acl_before, we have AdminGroup:everything...

There is no "everything" acl.

> 3) On admin pages, we have #acl All:None

There is no "None" acl.

> 4) On pages only editable by trusted editors, we have #acl 
> EditorGroup:read,write,delete,rename All:read

There is no "rename" acl.

> The are templates for AdminPageTemplate, TrustedEditorsTemplate, 
> KnownEditableTemplate, which contain the acls given above.

Be aware that users with no "admin" right, can't establish or change ACLs.

Maybe read HelpOnAccessControlLists again. And if you post stuff, please 
copy it 1:1 or it maybe won't help much.





More information about the Moin-user mailing list