[TYPO3-core] RFC: #15812: Add backend maintenance for login news
Marcus Krause
marcus#exp2010 at t3sec.info
Thu Oct 7 13:58:36 CEST 2010
Hi!
*resending* my posting from 11am CEST which obviously *hasn't made it to
the list*:
Jigal van Hemert schrieb am 10/07/2010 09:52 AM Uhr:
> Hi,
> [...]
> There are different ways of "fixing" things. I can make it very hard to
> break into a car by replacing the windows with steel plates and welding
> all doors (trunk, etc. included) completely shut. Usability suffers
> somewhat by doing this :-)
It's funny to read these discussions.
IMHO, any user (admins too) should have the least necessary permissions.
A new feature should reflect that from the beginning.
Then, there could be a discussion why it's necessary to extend
permissions - and you should bring pretty good arguments.
Sadly, it's usually the other way: start with god mode
And security-focused people need to fight strong to drop permissions.
Marcus.
More information about the TYPO3-team-core
mailing list