Commit 99cbf8f5 authored by lpsolit%gmail.com

Bug 91761: sanitycheck.cgi is too broadly accessible - Patch by Frédéric Buclin <LpSolit@gmail.com> r/a=justdave
parent 821248dd
...@@ -79,15 +79,11 @@ my $cgi = Bugzilla->cgi; ...@@ -79,15 +79,11 @@ my $cgi = Bugzilla->cgi;
my $dbh = Bugzilla->dbh; my $dbh = Bugzilla->dbh;
my $template = Bugzilla->template; my $template = Bugzilla->template;
# Make sure the user is authorized to access sanitycheck.cgi. Access # Make sure the user is authorized to access sanitycheck.cgi.
# is restricted to logged-in users who have "editbugs" privileges, # As this script can now alter the group_control_map table, we no longer
# which is a reasonable compromise between allowing all users to access # let users with editbugs privs run it anymore.
# the script (creating the potential for denial of service attacks) Bugzilla->user->in_group("editcomponents")
# and restricting access to this installation's administrators (which || ThrowUserError("auth_failure", {group => "editcomponents",
# prevents users with a legitimate interest in Bugzilla integrity
# from accessing the script).
Bugzilla->user->in_group("editbugs")
|| ThrowUserError("auth_failure", {group => "editbugs",
action => "run", action => "run",
object => "sanity_check"}); object => "sanity_check"});
......