Project

General

Profile

Actions
Copy link

Bug #5473

closed

Make sure consumer can't change other than its own resources

Added by Ivan Necas over 10 years ago. Updated over 6 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Ivan Necas
Category:
-
Target version:
Katello 2.0
Difficulty:
Triaged:
Yes
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

The consumer authrozition was being skipped, so the consumer certificate
could modify other's consumer related stuff.

Since this change was not released yet, not filling CVE for this one

Actions
Copy link
 #1

Updated by Ivan Necas over 10 years ago

  • Status changed from Assigned to Ready For Testing
Actions
Copy link
 #2

Updated by Ivan Necas over 10 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

Applied in changeset katello|commit:cb6b5bda884e6dae3806c2acd8db52433cddcdc3.

Actions
Copy link
 #3

Updated by Eric Helms over 10 years ago

  • Target version set to 44
Actions
Copy link
 #4

Updated by Eric Helms over 10 years ago

  • Triaged changed from No to Yes
Actions
Copy link
 #5

Updated by Eric Helms over 10 years ago

  • Translation missing: en.field_release set to 13
Actions
Copy link

Also available in: Atom PDF