From 0d4b3589fb559a565edadf0c842a1c7079410e98 Mon Sep 17 00:00:00 2001
From: Peter Thoeny <web-hurd@gnu.org>
Date: Mon, 26 Feb 2001 20:28:42 +0000
Subject: none

---
 TWiki/TWikiAccessControl.mdwn | 1 +
 1 file changed, 1 insertion(+)

(limited to 'TWiki')

diff --git a/TWiki/TWikiAccessControl.mdwn b/TWiki/TWikiAccessControl.mdwn
index d43da426..c92f2f9d 100644
--- a/TWiki/TWikiAccessControl.mdwn
+++ b/TWiki/TWikiAccessControl.mdwn
@@ -63,6 +63,7 @@ Define one or both of these variable in the %WEBPREFSTOPIC% topic:
 
 _Notes for read access restriction:_
 
+* The view restriction is not suitable for very sensitive content since there is a way to circumvent the read access restriction.
 * Read access restriction only works if the view script is authenticated, that means that users need to log on also just to read topics. [TWiki Installation](TWikiDocumentation#installation) has more on basic authentication based on the `.htaccess` file.
 * There is a workaround if you prefer to to have unrestricted access to view topics located in normal webs, and to authenticate users only for webs where view restriction is enabled:
   * Leave the `view` script non authenticated in the `.htaccess` file.
-- 
cgit v1.2.3