[Typo3-dev] RFC: New access control options
Peter Niederlag
niederlag at ikd01.de
Wed Aug 11 08:22:57 CEST 2004
Hi,
Christian Jul Jensen schrieb am 10.08.2004 um 09:54 Uhr CEST
> Kasper Skårhøj <kasper2004 at typo3.com> writes:
>
> > So, the question is; What mode should be the default in the next
> > release?
>
> I would say 'explictAllow'. IMHO, that's the thing that makes most
> sense in general.
>
> For the upgrading issues I sugges, a good and short how-to on how to
> change the setting and/or grant the access.
>
> (anyway, it seems like I'm outnumbered here)
game is not over. ;)
I think we should also take some "design"-considerations into account
and not only try to make things work for any DAU(~newbie), that doesn't
care to read docs.
I think we should go for the "secure" way, explicitAllow. That also
correspons to "allowdExcludeFields" which have to be _activated_.
Everybody knows that by now.
I think ML and doc will help to cover problems with newbies, so we
should rarther decide on what we think is the better "method"/"design".
Cheers,
Peter
P.S.: Don't count my vote again, already posted that yesterday. ;)
--
Peter Niederlag
*** Typo3 und IT-Dienstleistungen ***
http://www.niekom.de
http://typo3.naw.de
More information about the TYPO3-dev
mailing list