Warning! Please be advised of what you are doing when giving permission for portal administrators to upload skins. Warning! This ability allows any of your administrators to upload server-side code, and there is no security checking of the uploaded skins. If you do not explicitly trust the people with administrator privledges to have the same rights as a Host / SuperUser then you should not enable portals to upload skins. If you are the only one running the site and all the portals then you should log in as Host / SuperUser and you will then be able to upload skins. This is not new and has been around with DNN since skinning was introduced, but I often see posts like this one:
http://www.dotnetnuke.com/Community/ForumsDotNetNuke/tabid/795/mid/2108/threadid/113340/scope/posts/Default.aspx#113585
Where users are just told to turn on this feature, without any warning. Here's another related thread:
http://forums.asp.net/thread/879684.aspx |