Arnout Engelen created ROL-2176:
-----------------------------------
Summary: Document the security model
Key: ROL-2176
URL: https://issues.apache.org/jira/browse/ROL-2176
Project: Apache Roller
Issue Type: Wish
Components: Website and Documentation
Reporter: Arnout Engelen
It would be nice to publish a page on the website or in the documentation
describing the 'security model' of Roller, explaining both to operators and to
security researchers what kind of behavior to expect.
For example, this page could clarify that blog authenticated weblog admins are
trusted and can use HTML and JavaScript without limitation in blog titles,
entries and other places in the blog.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
