[development] Requiring node revisions
david at fourkitchens.com
Thu Jun 7 09:59:51 UTC 2007
> One of many scenarios where this will prove to be a hindrance:
> 1. I create a page using the PHP filter containing sensitive information.
> 2. I forget to select the PHP input format.
> 3. I notice this and edit the page again and select the correct format.
> 4. I think all is well.
> Anybody who can view revisions will be able to see my sensitive
On any site, viewing old revisions should be restricted to only the most
trusted users unless you're trying to operate like a wiki. As long as we
default to denying anonymous and authenticated users the right to view
old revisions, I think we'll be fine here.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 186 bytes
Desc: OpenPGP digital signature
Url : http://lists.drupal.org/pipermail/development/attachments/20070607/dfe0b40b/attachment.pgp
More information about the development