Forum .LRN Q&A: Re: General comments create and dotLRN
Where Tilmann and I discussed this issue in relation to bug-tracker.
What we did was say that if you can read, you can also comment. That's pretty fair in the general case, that's the purpose of community. You normally don't want a community with first-order citizens who can read and comment, and second-order members who can read but not comment.
My original suggestion was to create a standard 'feedback' privilege, which belongs to acs-kernel, so it's available for all modules to use. But I'm not so sure anymore. I'm all for keeping the set of privileges really small. Perhaps if we make 'feedback' a child of 'read' by default, so you can choose to pretend 'feedback' doesn't exist if you want, and if you want something more specialized, you can do that.
I definitely feel like 'general_comments_create' is a miscreation of a privilege, and that general-comments should be 'fixed' so it either looks for 'read' or for a new 'feedback' privilege.