Last modified: 2011-03-13 18:04:56 UTC
There are currently blocks on what you can and can't upload. Anons can't upload anyting, clearly to stop them uploading all sorts of crap. Logged in users and admins can upload any legitimate file (e.g. you can upload jpg, gif, png, ogg), but not (say) a source file of a diagram created in dia, which we might want to update later. Since however we have admins who are trusted, can it be arranged so that admins can upload any file? We can then arrange a system where users who aren't admins can then have their work checked before being uploaded. I don't think that logged in users ought to able to do this because of the security implications, etc, but surely admins are trusted?
Note that this is similar to admins being able to put arbitrary JavaScript into the UI which we've been trying to eliminate. Note also that this will become largely irrelevant when 1.5 rolls out, see bug 898:
*** Bug 2793 has been marked as a duplicate of this bug. ***