Bug 138218 - security issue: able to create several org admins by submitting the form multiple times
security issue: able to create several org admins by submitting the form mult...
Product: Red Hat Satellite 5
Classification: Red Hat
Component: Installer (Show other bugs)
All Linux
high Severity medium
: ---
: ---
Assigned To: Robin Norwood
Max Spevack
Depends On:
Blocks: rhn360sat
  Show dependency treegraph
Reported: 2004-11-05 15:04 EST by Max Spevack
Modified: 2007-08-06 11:57 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2005-03-22 13:50:40 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Max Spevack 2004-11-05 15:04:29 EST
Description of problem:
During the satellite install, you can submit this form multiple times,
and create as many org admins as you like.


Version-Release number of selected component (if applicable):

Expected results:
Only one org admin allowed!
Comment 1 Robin Norwood 2004-11-12 10:04:36 EST
Fixed in CVS.

Test plan:

1) Perform satellite 3.6 install.
2) After creating the first user, return to the 'create_satellite.pxt'
page, enter a different username, and click 'commit' again.
3) You should get a 500 error in the browser, and a messae in the
Attempt to create satellite user when a user already exists

Comment 2 Todd Warner 2004-12-01 05:53:03 EST
Is that a success? I followed the test plan and I achieve precisely
that. Ugly though. 
Comment 3 Robin Norwood 2004-12-01 10:46:47 EST
We don't generally go out of our way to make things pretty for people
who are doing 'funny' things.  Using the back button to try to create
a second first user counts as 'funny' in my book.
Comment 4 Todd Warner 2005-03-22 13:50:40 EST

Note You need to log in before you can comment on or make changes to this bug.