'[Bricolage-Bugs] [Bug 873] User Override allows System Admins to elevate privileges'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bricolage-bugs
Subject:    [Bricolage-Bugs] [Bug 873] User Override allows System Admins to elevate privileges
From:       bugs () bricolage ! cc
Date:       2004-10-30 22:14:22
Message-ID: 200410302214.i9UMEMFm000674 () www ! exclupen ! com
[Download RAW message or body]

http://bugs.bricolage.cc/show_bug.cgi?id=873





------- Additional Comments From marshall@exclupen.com  2004-10-30 18:14 -------
(In reply to comment #0)
> This is possibly because the Global Admins are members of "All
> Users" and System Admins have CREATE permissions on that group.

... and a user can be overriden as long as the current user has EDIT permissions
on that user.  So somehow it needs to be made so that no one but Global Admins
have EDIT on the Global Admins group.

-- 
Configure bugmail: http://bugs.bricolage.cc/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.


-------------------------------------------------------
This SF.Net email is sponsored by:
Sybase ASE Linux Express Edition - download now for FREE
LinuxWorld Reader's Choice Award Winner for best database on Linux.
http://ads.osdn.com/?ad_id=5588&alloc_id=12065&op=click
_______________________________________________
Bricolage-Bugs mailing list
Bricolage-Bugs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bricolage-bugs
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic