Changes between Version 1 and Version 2 of Ticket #11293
- Timestamp:
- Sep 5, 2013, 9:56:11 PM (11 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #11293
- Property Status new → assigned
- Property Summary AuthzPolicy fails SILENTLY! → AuthzPolicy will fail silently if ConfigObj is not available
- Property Keywords authzpolicy permissions added
- Property Milestone → 1.0.2
- Property Owner set to
-
Ticket #11293 – Description
v1 v2 1 When python-configobj is not avai balble, the AuthzPolicy fails without any notice (except a log entry). In the default config that means, that all pages are accessible and any restrictions are void. This is VERY dangerous.1 When python-configobj is not available, the AuthzPolicy fails without any notice (except a log entry). In the default config that means, that all pages are accessible and any restrictions are void. This is VERY dangerous. 2 2 3 3 Immediate Fix: 4 {{{ 4 {{{#!diff 5 5 --- /usr/lib/python2.7/site-packages/tracopt/perm/authz_policy.py~ 2013-09-05 14:38:16.000000000 +0200 6 6 +++ /usr/lib/python2.7/site-packages/tracopt/perm/authz_policy.py 2013-09-05 14:38:37.346011447 +0200