[Moin-user] account management without shell access?
Karl Auer
kauer at biplane.com.au
Sat Jan 10 01:25:24 EST 2009
Hi there.
Is there any way to apply an ACL to the newaccount action?
I now know how to disable it, but it would be nice not to have to use a
command line to create accounts. At the same time, we don't want just
anyone to be able to create accounts.
I could *hide* the action, by removing it from the login screen and
putting a call to it on some other, ACL-protected page, but that's at
best obscuring it. People can always craft the necessary URL themselves.
Not really good enough.
An alternative would be to code the action so that it looks for a
particular account, or refuses to operate except for (say) superuser
accounts.
Any better ideas? I'm hoping this is not a new problem.
Regards, K.
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Karl Auer (kauer at biplane.com.au) +61-2-64957160 (h)
http://www.biplane.com.au/~kauer/ +61-428-957160 (mob)
GPG fingerprint: 07F3 1DF9 9D45 8BCD 7DD5 00CE 4A44 6A03 F43A 7DEF
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://mail.python.org/pipermail/moin-user/attachments/20090110/a0c98cca/attachment.sig>
More information about the Moin-user
mailing list