View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0007196 | mantisbt | security | public | 2006-06-14 08:40 | 2022-05-28 11:24 |
Reporter | redcom | Assigned To | dregad | ||
Priority | normal | Severity | minor | Reproducibility | always |
Status | closed | Resolution | won't fix | ||
Product Version | 1.0.3 | ||||
Summary | 0007196: access_denied() function should indicate the reason why access was denied | ||||
Description | access_denied() should take a parameter to a language token that indicates the reason why access was denied. This will assist in finding bugs or misconfigurations in access control. In our installation a user has developer access to the site, but in a specific project they have administrative access, and when cling on the manage link, they get taken to an access denighed. I can't tell if this is a misconfiguration or if it is a real issue. | ||||
Additional Information | exampe of a call: currently in file_download.php could be changed to | ||||
Tags | No tags attached. | ||||