Pierangelo Masarati <ando(a)sys-net.it> wrote:
See ITS#4556 for discussion.
So this is not considered a security hole. But as far as I understand,
anyone that is allowed to add an entry anywhere can add a user with
random privileges. Did I miss something here? Can that be avoided?