Important: #94951 - Restrict export functionality to allowed users 

See forge#94951

Description 

The export functionality has the following security drawbacks:

  • Export for editors is not limited at field level.
  • The "Save to filename" functionality saves to a shared folder, which other editors with different access rights may be able to access.

Neither issue is easy to resolve, and the target audience for the Import/Export functionality is mainly TYPO3 admins.

Impact 

The export functionality is restricted to TYPO3 admin users and to users who explicitly have access through the new user TSconfig setting options.impexp.enableExportForNonAdminUser.

Affected installations 

Installations with EXT:impexp installed where non-admin users need to use the export functionality.

Migration 

If non-admin users should be able to use the export tool, set the following user TSconfig:

EXT:my_sitepackage/Configuration/TSconfig/allusers.tsconfig
options.impexp.enableExportForNonAdminUser = 1