From 478172756eded9b75c1f0640aa69170978cca043 Mon Sep 17 00:00:00 2001 From: PeterThoeny Date: Mon, 26 Feb 2001 20:28:42 +0000 Subject: [PATCH] none --- TWiki/TWikiAccessControl.mdwn | 1 + 1 file changed, 1 insertion(+) diff --git a/TWiki/TWikiAccessControl.mdwn b/TWiki/TWikiAccessControl.mdwn index 4f15241..0484e7f 100644 --- a/TWiki/TWikiAccessControl.mdwn +++ b/TWiki/TWikiAccessControl.mdwn @@ -63,6 +63,7 @@ Define one or both of these variable in the [[WebPreferences]] topic: _Notes for read access restriction:_ +- The view restriction is not suitable for very sensitive content since there is a way to circumvent the read access restriction. - Read access restriction only works if the view script is authenticated, that means that users need to log on also just to read topics. [TWiki Installation](TWikiDocumentation#installation) has more on basic authentication based on the `.htaccess` file. - There is a workaround if you prefer to to have unrestricted access to view topics located in normal webs, and to authenticate users only for webs where view restriction is enabled: - Leave the `view` script non authenticated in the `.htaccess` file. -- 1.9.4