Administrators can modify targets that they don't have rights to.

  • Document ID:3194457
  • Creation Date:12-Oct-2006
  • Modified Date:30-Apr-2012
    • Micro Focus Products:
      ZENworks Linux Management

Environment

Novell ZENworks Linux Management 6.6.2 - ZLM 6.6.2

Situation

Standard administrators can modify package targets even though they do not have"modify" rights to the channel.

Status

Reported to Engineering

Additional Information

STEPS TO REPRODUCE:

1.Login as your main administrator.

2.create a channel called secure_channel or whatever name you want.

3.create a new test administrator with administrator type: Standard.

4.go to the user and give him View permissions for the secure_channel

5.login as this test administrator

RESULTS:

The test administrator will be able to modify package targets within the

secure_channel that he didn't have modify rights to.