[jira] [Closed] (ROL-2176) Document the security model

David M. Johnson (Jira) Sun, 07 May 2023 05:56:05 -0700


     [ 
https://issues.apache.org/jira/browse/ROL-2176?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


David M. Johnson closed ROL-2176.
---------------------------------

> Document the security model
> ---------------------------
>
>                 Key: ROL-2176
>                 URL: https://issues.apache.org/jira/browse/ROL-2176
>             Project: Apache Roller
>          Issue Type: Wish
>          Components: Website and Documentation
>            Reporter: Arnout Engelen
>            Assignee: David M. Johnson
>            Priority: Minor
>
> It would be nice to publish a page on the website or in the documentation 
> describing the 'security model' of Roller, explaining both to operators and 
> to security researchers what kind of behavior to expect.
> For example, this page could clarify that blog authenticated weblog admins 
> are trusted and can use HTML and JavaScript without limitation in blog 
> titles, entries and other places in the blog.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Closed] (ROL-2176) Document the security model

Reply via email to