[development] Hello from another developer/Want to add some features

Bèr Kessels ber at webschuur.com
Sat Jan 28 11:59:19 UTC 2006

Op zaterdag 28 januari 2006 12:15, schreef Karoly Negyesi:
> > * Disabling changes to usernames and passwords of administrative users
> > by users having administer users permission.

That would be a great one; It will solve the issue where:
 * any user with administer user perms can edit superuser (change pw)
 * then log in as superuser. 
 * p0wn3 your site. 

ATM the only way around this is to simply not give anyone admin users perms;

Looking forward to a patch,


More information about the development mailing list