It sounds like either 2 or 3 would 'fix' the bug. Solution two strikes me as the simplest from the end-user perspective, and has the added advantage that it would allow future package updates to tweak permissions.
It sounds like either 2 or 3 would 'fix' the bug. Solution two strikes me as the simplest from the end-user perspective, and has the added advantage that it would allow future package updates to tweak permissions.