I've set up a wiki which is on a public webserver. Non-registered users can only see the front page. Logged in users can see content with either edit or view privileges. I've managed this by setting the page permissions on all sub-pages below certain key category pages. Good so far.
Now I notice that when I'm not logged in I can see Special Pages eg.
.... and ALL THE PAGES below this, including dekiscript containing database queries!!!
... but apparently all the individual User pages are not accessible.
Obviously this is not good as it is leaking important information. How do I set permissions on these pages? It seems that the normal method of More > Restrict Access is not available.
An oversight? A feature?
Do I need to apply the permissions directly into the database in this case? Any hints on how? I'm slightly alarmed by this one.