Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
22.1 Legacy Series
»
'read-onéy' access allows reordering rules
« previous
next »
Print
Pages: [
1
]
Author
Topic: 'read-onéy' access allows reordering rules (Read 2017 times)
GaardenZwerch
Full Member
Posts: 104
Karma: 2
'read-onéy' access allows reordering rules
«
on:
August 12, 2022, 01:47:25 pm »
Hi All,
I have tried to setup a 'read-only' access to the web-gui, with the intention of allowing to allow a given user to look at the config, but not mess with it.
I find that if I give a user access to the gui pages 'without edit' for rules and NAT, he can still reorder the rules.
He can't edit Aliases or rules, but he can still select a rule, and move it around with the <- icon.
Is this expected/known/wanted?
Thanks a lot in advance,
Frank
Logged
Patrick M. Hausen
Hero Member
Posts: 6816
Karma: 572
Re: 'read-onéy' access allows reordering rules
«
Reply #1 on:
August 12, 2022, 01:58:43 pm »
Can they save/apply?
Logged
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do.
(Isaac Asimov)
franco
Administrator
Hero Member
Posts: 17661
Karma: 1611
Re: 'read-onéy' access allows reordering rules
«
Reply #2 on:
August 12, 2022, 02:07:22 pm »
At first glance moving rules also requires write_config() which fails for read-only users. I don't want to say it's not possible as that could always be the case with hidden bugs, but it needs precise steps to reproduce (and possibly responsible disclosure).
Cheers,
Franco
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
22.1 Legacy Series
»
'read-onéy' access allows reordering rules