Default page access policy is wrong

google-code-export / digitalus-cms

Automatically exported from code.google.com/p/digitalus-cms

1 stars 1 forks source link

Default page access policy is wrong #157

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago

Please change the default page access behavior to not require a login.
Currently, the default assumes some kind of login. People wanting a
restricted area should set them to those pages.

Original issue reported on code.google.com by kwut...@web.de on 2 May 2010 at 4:57

GoogleCodeExporter commented 9 years ago

It's not WRONG, it's a policy.

You can either allow all and follow a blacklist policy or You disallow all and 
follow
a whitelist policy, which is more secure and proposed by the most specialists

Original comment by lowtower1974@gmail.com on 2 May 2010 at 10:55

Added labels: Type-Enhancement, Priority-Low
Removed labels: Type-Defect, Priority-Medium

GoogleCodeExporter commented 9 years ago

I think it is. It probably depends on the use case. I don't think the majority 
of CMS
users create websites that have a need for high security in first place.

For people creating normal content-managed websites, why should access be 
denied by
default? I completely disagree with the current default policy.

Original comment by kwut...@web.de on 2 May 2010 at 11:11

GoogleCodeExporter commented 9 years ago

The homepage is always accessible.
I think that is what users really want.

Original comment by lowtower1974@gmail.com on 3 May 2010 at 8:49

GoogleCodeExporter commented 9 years ago

Again, I disagree. I want all pages to be accessible by default. It doesn't make
sense to restrict by default.

Original comment by kwut...@web.de on 3 May 2010 at 2:18