summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--TWiki/TWikiAccessControl.mdwn1
1 files changed, 1 insertions, 0 deletions
diff --git a/TWiki/TWikiAccessControl.mdwn b/TWiki/TWikiAccessControl.mdwn
index d43da426..c92f2f9d 100644
--- a/TWiki/TWikiAccessControl.mdwn
+++ b/TWiki/TWikiAccessControl.mdwn
@@ -63,6 +63,7 @@ Define one or both of these variable in the %WEBPREFSTOPIC% topic:
_Notes for read access restriction:_
+* The view restriction is not suitable for very sensitive content since there is a way to circumvent the read access restriction.
* Read access restriction only works if the view script is authenticated, that means that users need to log on also just to read topics. [TWiki Installation](TWikiDocumentation#installation) has more on basic authentication based on the `.htaccess` file.
* There is a workaround if you prefer to to have unrestricted access to view topics located in normal webs, and to authenticate users only for webs where view restriction is enabled:
* Leave the `view` script non authenticated in the `.htaccess` file.