06.08.01

 -  @ 09:04:05 586
This isn't a big security flaw, a minor one in fact, but why is it that non-admins can change/add categories (when it is supposed to be an admin-only command)?

I just added two categories, and managed to delete and rename one. This almost means that someone who knows the b2 file structure can do 'potential' damage. Haven't checked the other files though, but I'm glad to know that b2template.php is admin-protected. : )