Originated in TWiki:Support/IsTrashASecurityHole: For installations that use read access control, the Trash web should be view access restricted.
For Dakar I suggest to do this:
- Set the ALLOWTOPICVIEW by default to TWikiAdminGroup
- Test if non-admin users are still able to delete content into Trash (possible in Cairo)
Since this security setting might not apply to all sites it could be done optional. In which case, it should be described in the installation instructions (and Trash web left open).
-- PTh
TWiki needs to be as secure as possible by default - we must set ALLOWTOPICVIEW to the AdminGroup (and test)
svn:7020
-- SD
I did some testing and it works to set ALLOWWEBVIEW to TWikiAdminGroup. Implemented this and added a note about this setup in Trash.
svn:7024
DakarReleaseNotes SVN:7026
-- LB
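As an added check (not part of this thread or the TWiki code base), the following Python snippet parses a TWiki WebPreferences topic and reports whether the Trash web's view access is restricted to TWikiAdminGroup alone, as the fix above requires; the WebPreferences text is constructed for the example.

```python
import re

# Constructed sample of a Trash/WebPreferences.txt body in TWiki's
# preference syntax ("   * Set NAME = value"); not taken from the tracker.
TRASH_WEBPREFERENCES = """\
%META:TOPICINFO{author="TWikiContributor" date="1111929255" format="1.1" version="1"}%
---+ Trash Web Preferences

Topics moved to this web are not really deleted.

   * Set WEBBGCOLOR = #FFD8AA
   * Set ALLOWWEBVIEW = TWikiAdminGroup
   * Set DENYWEBVIEW =
"""

# Matches a TWiki preference line: leading spaces, bullet, "Set NAME = value".
SET_LINE = re.compile(r"^\s+\*\s+Set\s+([A-Z0-9_]+)\s*=\s*(.*?)\s*$")


def parse_preferences(text):
    """Return a dict NAME -> value for every '   * Set NAME = value' line."""
    prefs = {}
    for line in text.splitlines():
        m = SET_LINE.match(line)
        if m:
            prefs[m.group(1)] = m.group(2)
    return prefs


def trash_view_restricted(text, admin_group="TWikiAdminGroup"):
    """True if ALLOWWEBVIEW names the admin group and nothing else.

    An empty or missing ALLOWWEBVIEW leaves the web readable by everyone
    (subject only to DENY rules), which is the exposure the thread describes.
    A "Main." web prefix on the group name is tolerated.
    """
    prefs = parse_preferences(text)
    raw = prefs.get("ALLOWWEBVIEW", "")
    allowed = [g.strip().split(".")[-1] for g in raw.split(",") if g.strip()]
    return allowed == [admin_group]
```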
Reopening this, see today's entry at TWiki:TWiki:Support/IsTrashASecurityHole with:
The text of the topic after the move gets replaced by "No permission to read topic Trash.Topic - perhaps you need to log in?" This is a Cairo issue that might be carried over into Dakar.
Could someone test if a person who is not in the TWikiAdminGroup can trash a topic and an attachment?
-- PTh
works fine on my dakar test setup -- SD