Project

General

Profile

Bug #7584

privileges abuse with page-diagnostics-dns

Added by Jeremy C. Reed 6 months ago. Updated 5 months ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
Web Interface
Target version:
Start date:
05/20/2017
Due date:
% Done:

0%

Affected Version:
All
Affected Architecture:
All

Description

my user has
page-diagnostics-dns privilege which provides DNS lookups
but also allowed the user to create an alias
"Created from Diagnostics-> DNS Lookup".

But now the user cannot see this alias nor has any way to remove it
(because needs page-firewall-aliases privilege).

I'd suggest that capability to do DNS lookups diagnostics shouldn't
also allow addition of aliases.

History

#2 Updated by Jim Pingle 6 months ago

  • Category set to Web Interface
  • Target version set to 2.4.0
  • Affected Version set to All
  • Affected Architecture set to All

The fix in the PR Looks good to me.

#3 Updated by Jim Pingle 6 months ago

  • Status changed from New to Feedback

PR was merged

#4 Updated by Jim Pingle 5 months ago

  • Status changed from Feedback to Resolved

Also available in: Atom PDF