> To Damian: to be honest I can't see why you think specifying an external URL for files would be a security hole. It would simply allow for far bigger file galleries than one could have by using their own server space, not to mention saving bandwidth. This could allow use of tikiwiki for a sourceforge clone. You could have files stored locally (if you wanted and could afford to) and you could also provide links to mirrors or someone else's files.
> Besides even if it were a risk, some new permissions could be implemented to allow only certain user groups (most likely admins because it makes the most sense) to specify external URLS.
Basically it would open up the chance even more for integreity of data. At the moment I know my files are secure because their filenames are md5, Id love to see you try and guess one However using your method it wouldnt be so secure for my data. The filename could be guessed easily and downloaded directly much more easier.
I believe to get those changes into CVS code it would need to copy or rename the file to its md5 hash.