Menu
▾
▴
Module removed from user acl hangs around...
|
From: <jam...@te...> - 2002-06-24 20:51:01
|
Hi All,
I noticed a behaviour of webmin that at first look seems most troubling.
Here is the
scenario:
1) Add a user.
2) Add a module to the user.
3) Configure the module for the user.
4) At some later point remove the module from the user list of
modules.
After step 3 is completed an acl in file called:
/etc/webmin/mod_name/user.acl
will be created. When you do step 4, remove the module, the acl hangs
around (i.e. it does
not get deleted). I am not sure if this could be exploited or even lends
itself to a
writer of a module shooting themselves in the foot and allowing what was
not intended
to be allowed. Even still I don't think its the right thing to do. Is
this seen as a
problem by any others?
Cheers...james
|
