A security Issue.
A security issue question about modifing/editing published articles.
I have found a simple problem of security. When A member (as I am doing now) post a page in some section without auto_publish, the poste page will wait for webmaestro to be published. This is a good idea to control what is published into the site.
However, after the webmaestro have published a member page, the member still has edit/modify rigths on his/her article, so a member can change the published content of a YACS site.
This feature can be suppressed? Can I (as webmaestro) remove edit/modify rights of an article when i publishing it, without changing the article owner?
Thanks.
This feature can be suppressed? Can I (as webmaestro) remove edit/modify rights of an article when i publishing it, without changing the article owner?
Thanks.