Bug 163544
| Summary: | Java Security for SDC | ||
|---|---|---|---|
| Product: | [Retired] Red Hat Network | Reporter: | Ken Ganong <kganong> |
| Component: | RHN/R&D | Assignee: | Ken Ganong <kganong> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Mike McCune <mmccune> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | RHN Devel | CC: | rhn-bugs |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | RHN 4.0.0 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2005-09-01 03:07:23 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 147875 | ||
|
Description
Ken Ganong
2005-07-18 19:01:17 UTC
Ken, this is going to need a testplan. Sequester an org with at least two users and one system in which one user has access to the server and the other user does not. Note: In order for a user to not have access to a system, he or she must not be an org admin nor a system group admin and must not have access to a system group that that server is in. A user's server perms can be found in Users->Click a User->Systems. For the user which does have permission, he or she should see the system in the System List and should be able to view and schedule actions for the system in System Details pages. (Systems->Systems->Click the System->Click a java link in the middle nav (Errata, Packages)) For the user which does not have permission, go to Systems->Systems->Click a System->modify the url so that the sid parameter equals the system id of the inaccessible system. None of the pages (Java or Perl) should allow you to view the system. will qa this. works fine, prod_ready. |