Album security question
|Posted: Sat, 2009-10-17 22:37|
What's the expected behavior when someone tries to access an image directly, i.e. types http://www.example.com/gallery3/var/albums/album/image.jpg into the address bar? Here's what I'm getting:
User is "everybody" & everybody is not allowed to "view full size" => Dang page
Is the "everybody" result correct? I ask because I interpret the dang page to mean there is a problem with G3, rather than G3 is functioning correctly and a user tried to do something that's not allowed.