
#5123 Add To Group visible after restricting access

1.880
closed-fixed
nobody
5
2018-05-07
2018-05-05
Dimensional
No

After creating a group for standard users on Webmin, I worked on restricting what they can and can't do. However, one restriction that can't seem to work is preventing a user from adding themselves to another more privileged group.

The bug appears to be connected to the user's ability to create and delete users, as when disabling those abilities under the MAC, any attempt to change groups results in an error about deleting the user.

Discussion

  • Dimensional

    Dimensional - 2018-05-05

    Forgot to mention this is running 1.881 on CentOS 7 x86_64.

     
  • Jamie Cameron

    Jamie Cameron - 2018-05-06

    Are you referring to Webmin users here, or Unix users?

     
  • Dimensional

    Dimensional - 2018-05-06

    The Webmin user module.

     
  • Jamie Cameron

    Jamie Cameron - 2018-05-07

    Are you controlling which groups a user can be assigned to via the "Can assign users to groups" option on the access control page? That should work to prevent assignment to a more privileged group.

     
  • Dimensional

    Dimensional - 2018-05-07

    The following attachment shows the settings page that works. By enabling the options "Can create new users?" and "Can delete users?" the user is suddenly able to switch their group. With the options disabled, any attempt to switch groups results in the error "Failed to add users to group : You are not allowed to delete users"

     
  • Jamie Cameron

    Jamie Cameron - 2018-05-07
    • status: open --> closed-fixed
     
  • Jamie Cameron

    Jamie Cameron - 2018-05-07

    Thanks, I see the cause of this bug now - it will be fixed in the next Webmin release.

     
