Red Hat Bugzilla – Bug 154176
Switch to normal user in DS console still allows certain admin tasks
Last modified: 2016-04-07 16:02:47 EDT
Description of problem:
Log in to console as admin or directory manager and bring up DS console, then
"Log in as New User" and auth as a regular user.
On most panels the normal user can't do anything, but on the Tasks tap, the
stop/start/restart buttons works. Even changing cert db passwd works too.
He/she can also get to the admin console and change admin user id/passwd, and
admin port, etc.
Note that if a normal user run startconsole and authenticate in that way, he/she
won't be able to bring up DS console at all. Only limited access to Users and
Groups panel in the admin console.
This is most likely not a regression, and may not be common use case anyway.
The only risk is an admin user switch or give control of the consoles to a
regular user this way and assumes the regular user can't do anything.
This was latered in the last bug meeting.
Per triage, close and handle with upstream ticket.