Bug 154176 - Switch to normal user in DS console still allows certain admin tasks
Summary: Switch to normal user in DS console still allows certain admin tasks
Alias: None
Product: Red Hat Directory Server
Classification: Red Hat
Component: UI - General UI
Version: 7.1
Hardware: All
OS: Linux
Target Milestone: DS_Future
: ---
Assignee: Rich Megginson
QA Contact: Viktor Ashirov
Depends On:
Blocks: 389_1.3.0 512820 690311
TreeView+ depends on / blocked
Reported: 2005-04-07 23:46 UTC by To Ngan
Modified: 2020-09-13 20:02 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2016-04-07 20:02:47 UTC
Target Upstream Version:

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Github 389ds 389-ds-base issues 233 0 None None None 2020-09-13 20:02:56 UTC

Description To Ngan 2005-04-07 23:46:42 UTC
Description of problem:
Log in to console as admin or directory manager and bring up DS console, then
"Log in as New User" and auth as a regular user.

On most panels the normal user can't do anything, but on the Tasks tap, the
stop/start/restart buttons works.  Even changing cert db passwd works too. 
He/she can also get to the admin console and change admin user id/passwd, and
admin port, etc.

Note that if a normal user run startconsole and authenticate in that way, he/she
won't be able to bring up DS console at all.  Only limited access to Users and
Groups panel in the admin console.

This is most likely not a regression, and may not be common use case anyway. 
The only risk is an admin user switch or give control of the consoles to a
regular user this way and assumes the regular user can't do anything.

How reproducible:

Comment 1 David Boreham 2005-05-06 18:03:17 UTC
This was latered in the last bug meeting.

Comment 3 Rich Megginson 2012-01-09 19:45:15 UTC
Upstream ticket:

Comment 5 Noriko Hosoi 2016-04-07 20:02:47 UTC
Per triage, close and handle with upstream ticket.

Note You need to log in before you can comment on or make changes to this bug.