View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0011400 | mantisbt | security | public | 2010-01-15 08:54 | 2010-02-22 14:34 |
Reporter | dhx | Assigned To | dhx | ||
Priority | normal | Severity | minor | Reproducibility | N/A |
Status | closed | Resolution | fixed | ||
Product Version | 1.2.0 | ||||
Target Version | 1.2.0 | Fixed in Version | 1.2.0 | ||
Summary | 0011400: Increase default $g_view_configuration_threshold to ADMINISTRATOR | ||||
Description | By default, $g_view_configuration_threshold is currently set to DEVELOPER. This option should really be changed to have a default of ADMINISTRATOR, as the configuration of MantisBT can contain sensitive information. There won't be impact to current installations, as users at DEVELOPER level have no links whatsoever in the UI to the adm and manage pages of MantisBT. | ||||
Tags | No tags attached. | ||||
MantisBT: master-1.2.x 589ef8ff 2010-01-15 08:55 Details Diff |
Fix 0011400: Increase default $g_view_configuration_threshold By default, $g_view_configuration_threshold is currently set to DEVELOPER. This option should really be changed to have a default of ADMINISTRATOR, as the configuration of MantisBT can contain sensitive information. There won't be impact to current installations, as users at DEVELOPER level have no links whatsoever in the UI to the adm_ and manage_ pages of MantisBT. |
Affected Issues 0011400 |
|
mod - config_defaults_inc.php | Diff File | ||
MantisBT: master 5c727ba9 2010-01-15 08:55 Details Diff |
Fix 0011400: Increase default $g_view_configuration_threshold By default, $g_view_configuration_threshold is currently set to DEVELOPER. This option should really be changed to have a default of ADMINISTRATOR, as the configuration of MantisBT can contain sensitive information. There won't be impact to current installations, as users at DEVELOPER level have no links whatsoever in the UI to the adm_ and manage_ pages of MantisBT. |
Affected Issues 0011400 |
|
mod - config_defaults_inc.php | Diff File | ||
MantisBT: master-1.2.x 9b1fbd77 2010-01-16 21:17 Details Diff |
Fix 0011400: Update documentation of $g_view_configuration_threshold Commit 5c727ba9ac508201434e7d5361297f367a206463 changed the default value of $g_view_configuration_threshold from VIEWER to ADMINISTRATOR. However, I forgot to update the documentation to reflect this change. Thank you Victor for reminding me! Note that this backport includes documentation of the configuration view/set threshold options that were introduced in commit fce04e6597310e9dd644612348354dc055e99dfa but weren't backported to the 1.2.x branch at that point of time. |
Affected Issues 0011400 |
|
mod - docbook/adminguide/en/configuration.sgml | Diff File | ||
MantisBT: master e1d134e7 2010-01-16 21:17 Details Diff |
Fix 0011400: Update documentation of $g_view_configuration_threshold Commit 5c727ba9ac508201434e7d5361297f367a206463 changed the default value of $g_view_configuration_threshold from VIEWER to ADMINISTRATOR. However, I forgot to update the documentation to reflect this change. Thank you Victor for reminding me! |
Affected Issues 0011400 |
|
mod - docbook/adminguide/en/configuration.sgml | Diff File |