There is, in the depths of the permissions code a function to set which permissions should not ever be shown to guests.
But it does not honour own/any properly - so even when an _any permission is listed to be denied to guests, it still shows up in the admin panel, for example view_ip_address_any is in the deny-to-guests list but still shows in the guests permissions area.
I cannot confirm whether this is an SMF bug or not, all the cases in SMF itself only ever extend _own permissions to be denied to guests (because they can't have an _own)
But it needs fixing.
(Also, permissions + hooking are sort of borked, I really need to extend it in the plugin-info.xml file to fix other issues related to it but that's something else entirely.)
But it does not honour own/any properly - so even when an _any permission is listed to be denied to guests, it still shows up in the admin panel, for example view_ip_address_any is in the deny-to-guests list but still shows in the guests permissions area.
I cannot confirm whether this is an SMF bug or not, all the cases in SMF itself only ever extend _own permissions to be denied to guests (because they can't have an _own)
But it needs fixing.
(Also, permissions + hooking are sort of borked, I really need to extend it in the plugin-info.xml file to fix other issues related to it but that's something else entirely.)
