« am: 15.05.07 - 06:16:45 »
This is kind of a security warning. I have seen this a couple of times recently and I do not think the consequences are that obvious.
If you create a form and set it to "Available to Public Access Users" then add the "$PublicAccess" field (set to "1") to allow "Write Public" users to create public documents beware.
Public documents were added to facilitate the use of delegating calendar and To Do (and now contacts) in the mail template (I'm guessing where this came from but I'm sure this is the case). I'm pretty sure it was not intended on being used for much else.
Now the warning. If you allow users to create documents using "Write Public" don't think this is some sort of "Depositor" access where they dump the document and run. "Write Public" grants you the power to also delete (without "Delete Document" being selected) and edit all documents marked "Public Access".
See the risk?
Of course someone may enlighten me differently! 
http://www.stevecastledine.com/sc.nsf/dx/notes-public-access{ via Steve Castledine }
Gespeichert
Egal wie tief man die Messlatte für den menschlichen Verstand auch ansetzt: jeden Tag kommt jemand und marschiert erhobenen Hauptes drunter her!
