This is a static dump of issues in the old "Flyspray" bugtracker for DokuWiki. Bugs and feature requests
are now tracked at the issue tracker at Github.
Closed
Duplicate
FS#238 Public access to uploaded files in ACL model
Security
2005-04-06Hamid
I am using ACL mode and all the pages are protected using ACL and public has no access to the Wiki pages without login. However, uploaded files to the Wiki are written to the 'wiki/media' folder with read-only permission to the public. So, any non-logined user can explore the media folder and read all files (or write the url of files in the explorer bar and they can read the files...), while (s)he is not an actuall user of the Wiki. What do you propose to limit the access of files to the ligitimate users?