[Phpslash-devel] Troublemaking: what you can do with 'author' rights
Brought to you by:
joestewart,
nhruby
Menu
▾
▴
[Phpslash-devel] Troublemaking: what you can do with 'author' rights
|
From: Peter C. <pe...@kr...> - 2003-02-19 21:34:03
|
Hi I'm coding up some extras for Back-End's user admin, and thought I'd point out the obvious: if you assign a user 'author' rights, they can then assign themselves or anyone else 'root' rights. Probably not an issue for a typical phpSlash site, but worth bearing in mind for larger/paranoid sites... (maybe I'm bored?) Peter |
