Bug 154176

Summary: Switch to normal user in DS console still allows certain admin tasks
Product: Red Hat Directory Server
Reporter: To Ngan <tngan>
Component: UI - General UI
Assignee: Rich Megginson <rmeggins>
Status: CLOSED UPSTREAM
QA Contact: Viktor Ashirov <vashirov>
Severity: medium
Docs Contact:
Priority: low
Version: 7.1
CC: jgalipea, nhosoi
Target Milestone: DS_Future
Target Release: ---
Hardware: All
OS: Linux
Doc Type: Bug Fix
Last Closed: 2016-04-07 20:02:47 UTC
Bug Blocks: 495079, 512820, 690311    

Description To Ngan 2005-04-07 23:46:42 UTC
Description of problem:
Log in to console as admin or directory manager and bring up DS console, then
"Log in as New User" and auth as a regular user.

On most panels the normal user can't do anything, but on the Tasks tab, the
stop/start/restart buttons work.  Even changing cert db passwd works too.
He/she can also get to the admin console and change admin user id/passwd, and
admin port, etc.


Note that if a normal user runs startconsole and authenticates in that way, he/she
won't be able to bring up DS console at all.  Only limited access to Users and
Groups panel in the admin console.

This is most likely not a regression, and may not be common use case anyway. 
The only risk is an admin user switches or gives control of the consoles to a
regular user this way and assumes the regular user can't do anything.


How reproducible:
Consistently.

Comment 1 David Boreham 2005-05-06 18:03:17 UTC
This was latered in the last bug meeting.

Comment 3 Rich Megginson 2012-01-09 19:45:15 UTC
Upstream ticket:
https://fedorahosted.org/389/ticket/233

Comment 5 Noriko Hosoi 2016-04-07 20:02:47 UTC
Per triage, close and handle with upstream ticket.