Bug 740946
| Summary: | RFE: Allow client-settable custom info | ||
|---|---|---|---|
| Product: | [Community] Spacewalk | Reporter: | Brian <hiryuu> |
| Component: | Clients | Assignee: | Milan Zázrivec <mzazrivec> |
| Status: | CLOSED CANTFIX | QA Contact: | Red Hat Satellite QA List <satqe-list> |
| Severity: | low | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 1.6 | CC: | cperry, slukasik |
| Target Milestone: | --- | Keywords: | FutureFeature |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | All | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Enhancement | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2011-10-14 09:45:40 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 737830 | ||
|
Description
Brian
2011-09-23 20:50:27 UTC
Allowing an arbitrary client to change or even create custom system values would go against the security model used in Spacewalk: you need to have appropriate permissions to manipulate the system data on the server (organization admin for example). I can see how one could benefit from being able to do the data changes without authentication (or authorization), but the functionality could also be abused in the same manner. Spacewalk's API provides several routines to manipulate the system custom info. May I suggest to export the data from client to a system where it is safe to store the password and change the system info from there. Terribly sorry, I'm gonna have to close this RFE. |