First time contributer, so hi to all!
I've been searching and searchign on-line for similar issues and have been unsuccessful. Seems like everyone has figured out the issue and I just can't seem to figure it out through the Administrative settings. Here is the scenario:
1) A file is check-in and all admin settings prevent certain users from checking out the file unless it is pushed through a change control workflow.
2) However, any use has the ability to right-click the file, and "un-check" the Read-only attribute.
3) Once a user clicks Ok, he/she can then modify the file at will, without any owndership history.
4) HUGE hole. Please help.
I disagree that it is a security viloation. If a user goes through the effort of going through the steps what does he gain? The file is still not checked out and he has no way of modifying the file in the vault until he does.
Essentially he just wasted his and his company's time, but the files in the vault are still protected....he only screwed up his local cache.
On the other side of the coin, I find it a handy method of doing "What if scenerios". Reference: http://www.3dvision.com/wordpress/index.php/2010/12/27/what-if-workflow-workaround/