Bug 1012579 - RBAC: Administrator should be prevented from modifying super user and auditor roles.
Status: CLOSED CURRENTRELEASE
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Domain Management
: ER4
: EAP 6.2.0
Assigned To: Darran Lofthouse
Ladislav Thon
Russell Dickenson
Reported: 2013-09-26 12:36 EDT by Darran Lofthouse
Modified: 2013-12-15 11:23 EST

Doc Type: Bug Fix
Last Closed: 2013-12-15 11:23:31 EST
Type: Bug
External Trackers
Tracker ID Priority Status Summary Last Updated
JBoss Issue Tracker WFLY-2087 Critical Resolved Administrator should be prevented from modifying super user and auditor roles. 2016-02-15 12:06 EST

Description Darran Lofthouse 2013-09-26 12:36:01 EDT
Description of problem:

The SuperUser role has the ability to do absolutely anything and the Auditor role has full control of what audit logging occurs - for this reason the Administrator should not be able to modify either of these roles as they could effectively add themselves.
Comment 6 Vladimir Dosoudil 2013-10-16 07:44:04 EDT
Merged in
 * https://github.com/jbossas/jboss-eap/commit/ea931ed
 * https://github.com/jbossas/jboss-eap/commit/3104bc7
Included in EAP 6.2.0 ER 4.
Comment 7 Ladislav Thon 2013-10-21 05:48:58 EDT
Verified with EAP 6.2.0.ER6.
