RADIUS WebUI - Deny Config Write is not honored
After authenticating with a user that has been put into a group with "Deny Config Write" it is not enforced. If you create a local user in that same group it is enforced as expected.
For clarity, when the user is authenticated with RADIUS and the deny config write is set it is not enforced.
- Status changed from New to Assigned
- Assignee set to Jim Pingle
- Target version set to 2.3
- Affected Version set to 2.3
Confirmed, working on a fix now.
- Target version changed from 2.3 to 2.3.1
Looking at the code, this is not a regression. It will be good to fix, but the fix is non-trivial so it's better to hold it back for the next point release.
- Status changed from Assigned to Feedback
- % Done changed from 0 to 100
I wanted to confirm that this works. I created a custom patch to apply to my pfsense boxes that are running 2.2.6 and Deny Config Write is now honored.
- Status changed from Feedback to Resolved
Thanks for the additional testing
- Affected Version changed from 2.3 to All
Also available in: Atom