]> git.proxmox.com Git - pve-access-control.git/commit - src/test/perm-test8.pl
projects / pve-access-control.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 27014b5) | patch
roles: restrict Permissions.Modify to Administrator
authorFabian Grünbichler <f.gruenbichler@proxmox.com>
Mon, 5 Jun 2023 14:21:36 +0000 (16:21 +0200)
committerThomas Lamprecht <t.lamprecht@proxmox.com>
Wed, 7 Jun 2023 09:13:16 +0000 (11:13 +0200)
commitdf619a8dc2fe518b10f951c86e51e3d4c204936b
tree18fb67af9f8d588946a8d6ff80f2812acb7fe2datree
parent27014b5908492015b42c0b63dcea102708554e4acommit | diff
roles: restrict Permissions.Modify to Administrator

to reduce the chances of accidentally handing out privilege modification
privileges. the old default setup of having Permissions.Modify in PVESysAdmin
and PVEAdmin weakened the distinction between those roles and Administrator.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
src/PVE/AccessControl.pm diff | blob | blame | history
src/test/perm-test1.pl diff | blob | blame | history
src/test/perm-test8.pl diff | blob | blame | history
src/test/test1.cfg diff | blob | blame | history
src/test/test8.cfg diff | blob | blame | history
Access control framework