0 Replies Latest reply on Dec 1, 2006 6:06 AM by wewfwefq2

    If users have write access to site root...

    wewfwefq2
      .. what prevents them from trying to edit the site directly?

      I mean if I give FTP or local network access to my user it doesn't really matter what type of key I send him (publisher/writer) or what permissions I choose for his role since he can make any changes he like over FTP or local network with a text editor. I wouldn't even notice it!

      Wouldn't it be better for Contribute to publish all drafts (pages+images+documents+...) in a subfolder of the site where user would have explicit write access, but they would have read-only for the rest site.

      It is a same for such a nice product to have such an achilles heel...