|Summary:||Switch to normal user in DS console still allows certain admin tasks|
|Product:||Red Hat Directory Server||Reporter:||To Ngan <tngan>|
|Component:||UI - General UI||Assignee:||Rich Megginson <rmeggins>|
|Status:||CLOSED UPSTREAM||QA Contact:||Viktor Ashirov <vashirov>|
|Fixed In Version:||Doc Type:||Bug Fix|
|Doc Text:||Story Points:||---|
|Last Closed:||2016-04-07 20:02:47 UTC||Type:||---|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
|Cloudforms Team:||---||Target Upstream Version:|
|Bug Depends On:|
Description To Ngan 2005-04-07 23:46:42 UTC
Description of problem: Log in to console as admin or directory manager and bring up DS console, then "Log in as New User" and auth as a regular user. On most panels the normal user can't do anything, but on the Tasks tap, the stop/start/restart buttons works. Even changing cert db passwd works too. He/she can also get to the admin console and change admin user id/passwd, and admin port, etc. Note that if a normal user run startconsole and authenticate in that way, he/she won't be able to bring up DS console at all. Only limited access to Users and Groups panel in the admin console. This is most likely not a regression, and may not be common use case anyway. The only risk is an admin user switch or give control of the consoles to a regular user this way and assumes the regular user can't do anything. How reproducible: Consistently.
Comment 1 David Boreham 2005-05-06 18:03:17 UTC
This was latered in the last bug meeting.
Comment 3 Rich Megginson 2012-01-09 19:45:15 UTC
Upstream ticket: https://fedorahosted.org/389/ticket/233
Comment 5 Noriko Hosoi 2016-04-07 20:02:47 UTC
Per triage, close and handle with upstream ticket.