Bug #4034
closed
AutoConfigBackup - user-config-readonly priv still does backup
0%
Description
A user with the priv user-config-readonly cannot change the config. This is handled correctly in write_config().
But AutoConfigBackup still makes a backup each time that read-only user presses Save somewhere. Thus a read-only webGUI user can quickly generate loads of backups when they are moving around looking and learning. That can mean interesting backup history is lost from the normal 100 backups that are retained on the server.
It would be nice if AutoConfigBackup also checked for user-config-readonly priv before making the backup.
Updated by Chris Buechler over 9 years ago
- Category set to AutoConfigBackup
- Status changed from New to Confirmed
We'll fix this as part of ACB enhancements immediately post-2.2.
Updated by
Updated by Kill Bill over 7 years ago
Well I think this bug is gone since this commit (which disabled the unwanted duplicated backups as well) - https://github.com/pfsense/FreeBSD-ports/commit/7ea386661b17ba3b666237900c5b22790b581f64
Updated by Jim Pingle over 7 years ago
- Status changed from Confirmed to Resolved
Confirmed as fixed. A user with the Deny Config Write privilege won't trigger a new ACB entry on save.