Last modified: 2012-04-12 21:29:12 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T36651, the corresponding Phabricator task for complete and up-to-date bug report information.
First Last Prev Next    This bug is not in your last search results.
Bug 34651 - Make a group blacklist for ssh key changes
Make a group blacklist for ssh key changes
Status: NEW
Product: MediaWiki extensions
Classification: Unclassified
OpenStackManager (Other open bugs)
unspecified
All All
: Low normal (vote)
: ---
Assigned To: Ryan Lane
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2012-02-23 19:43 UTC by Ryan Lane
Modified: 2012-04-12 21:29 UTC (History)
1 user (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Ryan Lane 2012-02-23 19:43:27 UTC 
It's not very ideal for admins to be able to change their ssh key via the web interface, since it can then be used to impersonate high-privilege users in other places. We should have a LocalSettings.php config option for blacklisting specific groups from changing their own SSH key.
Comment 1 Ryan Lane 2012-04-12 21:29:12 UTC 
Even better, rather than a blacklist in OpenStackManager, we should add an ACI to the LDAP server that denies the OpenStackManager user from updating users in specific groups.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.

Navigation
Links