X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/53c18ef127b2a4db945d41c839e6c33a648da35f..a6d999df1c02a14881098c1811c41be3c9dabfb3:/doc/todo/fileupload.mdwn diff --git a/doc/todo/fileupload.mdwn b/doc/todo/fileupload.mdwn index d0caf6f07..4623e4a5a 100644 --- a/doc/todo/fileupload.mdwn +++ b/doc/todo/fileupload.mdwn @@ -20,6 +20,7 @@ the work is in securing it. Several classes of controls seem appropriate: browsers are probably too smart for their own good and may ignore the extension / mime info and process as the actual detected file type. It may be necessary to use `file` to determine a file's true type. +* Optional ability to test a file using a virus scanner like clamav. * Limits to who can upload what type of files. * Limits to what files can be uploaded where. @@ -41,11 +42,11 @@ as a wikifs. Maybe. And if that's done, it can also be used to lock users from editing a pages or the whole wiki: - ( user(spammer) and * ) or - ( user(42.12.*) and * ) or - ( user(http://evilopenidserver/*) and * ) or - ( user(annoying) and index) or - ( immutable_page ) + !(( user(spammer) and * ) or + ( user(42.12.*) and * ) or + ( user(http://evilopenidserver/*) and * ) or + ( user(annoying) and index) or + ( immutable_page )) That would obsolete the current simple admin prefs for banned users and locked pages. Suddenly all the access controls live in one place.