Bug 319311 - dwr info page should be disabled
dwr info page should be disabled
Product: Red Hat Satellite 5
Classification: Red Hat
Component: Other (Show other bugs)
All Linux
low Severity low
: ---
: ---
Assigned To: Justin Sherrill
wes hayutin
Depends On:
Blocks: 248643
  Show dependency treegraph
Reported: 2007-10-04 17:26 EDT by Justin Sherrill
Modified: 2008-04-02 17:07 EDT (History)
0 users

See Also:
Fixed In Version: sat510
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2008-04-02 17:07:56 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Justin Sherrill 2007-10-04 17:26:37 EDT
The dwr info page here:  /rhn/dwr  allows many things to be seen and functions
to be executed.  

This shouldn't be allowed.
Comment 1 Justin Sherrill 2007-10-09 13:03:07 EDT
fixed in rev 132767.
Comment 2 Partha Aji 2007-10-19 14:11:56 EDT
Moving to ON_QA
Comment 3 wes hayutin 2007-10-23 08:10:23 EDT
ok.. we have a standard access denied page...
lets use the standard page..

I'll try to find a copy..

Here is one example.. however we do have a few of these pages..

Permission Error

You do not have the appropriate permission set to access the requested page. You
may have reached this error page in one of several ways:

   1. You are using Konqueror 3.0, which does not handle form variables properly
in all cases. Continuing to use Konqueror 3.0 will have unexpected results. If
you are using Konqueror 3.0, please use another browser.
   2. Your login session has expired. For security reasons, Red Hat Network
terminates your login session after 15 minutes of inactivity. To sign in again,
click here.
   3. You've found an error in our site. Please help us by filling out this form
with details of how you received this message.
   4. Your browser does not have cookies enabled. The Red Hat Network requires
cookies in order to function; if you have disabled them, please re-enable them
to use the site.
   5. You've done something naughty. Stop it.

Comment 4 Justin Sherrill 2007-10-23 15:04:41 EDT
We can't really change that text easily as that text is actually from the dwr
library :/

moving to verified
Comment 5 Brandon Perkins 2008-04-02 17:07:56 EDT
UI Enhancements for 5.1 Sat GA so Closed for Current Release.

Note You need to log in before you can comment on or make changes to this bug.