[wp-xmlrpc] Non-Moderator Comments

[David Dodson]

Following the threads I understand the desire to prevent spam from  
coming through the xmlrpc pipe, but want to raise the question of non- 
moderator users being able to post comments through xmlrpc.  Currently  
only admins or editors can post through the xmlrpc even with valid  
login credentials.  Assuming the WP site is set up so that users have  
to be logged in to comment, subscribers, contributors and authors  
should also be able to post comments.  I did a test commenting out the  
code which checks for moderator status, which allows for subscribers  
to post.  The nice thing is that for first time subscribers, the  
comments still must be approved in this manner.  As such, unless I'm  
missing something, I don't think doing this would leave a means for  
spam to exploit, unless the concern is having to moderate attempts.   
Otherwise none of the spam comments could make it live just by using  
the xmlrpc without being moderated first.

Thoughts?

DD