Skip to Content
Menu
Musisz się zarejestrować, aby móc wchodzić w interakcje z tą społecznością.
To pytanie dostało ostrzeżenie
3791 Widoki

This is a serious security concern, defining group access rights on menu items is not enough to restrict access to actions

How do you protect against this ? someone could just try action ids one by one until they find an existing action that gives him/her access to potentially private information.

I restricted access to a window action to a specific group, but I was still able to see it with a user that doesn't belong to that group.

Is this a bug? or am I missing something?

Awatar
Odrzuć
Powiązane posty Odpowiedzi Widoki Czynność
1
paź 23
8359
0
mar 15
3598
1
mar 15
4982
0
mar 25
737
2
paź 24
1655