Feature #4186: Tvheadend log expose data to non-admin users - Tvheadend

Feature #4186

Tvheadend log expose data to non-admin users

Added by Anonymous almost 8 years ago. Updated over 7 years ago.

Status:

Fixed

Priority:

Normal

Assignee:

Category:

User Interface

Target version:

4.2

Start date:

2017-01-16

Due date:

% Done:

100%

Estimated time:

Description

Steps for issue re-creation when logged in as admin:

1. Create non-admin user
2. Allow "Web interface" feature for non-admin user
3. Log in to web interface as non-admin user and go to Tvheadend log
4. Observe that all activity and data (IP, Usernames, Mux names..) of admin or any other user is exposed to non-admin user in Tvheadend log!

Tvheadend log should not show and should not be allowed/enabled/visible for non-admin users.

History

Updated by Anonymous over 7 years ago

You can close this ticket now. I can see this has been already fixed, because all is OK in HTS Tvheadend 4.1-2477~g019c946~xenial and no sensitive information are exposed to non-admin users. Good work!

Updated by Jaroslav Kysela over 7 years ago

Target version set to 4.2

Updated by Jaroslav Kysela over 7 years ago

Status changed from New to Fixed
% Done changed from 0 to 100

Applied in changeset commit:tvheadend|54e63e3f9af8fdc0d23f61f3cda7fa7b246c1732.

Also available in: Atom PDF

Project

General

Profile

Tvheadend

Issues

Custom queries

Feature #4186

Tvheadend log expose data to non-admin users

History

Updated by Anonymous over 7 years ago

Updated by Jaroslav Kysela over 7 years ago

Updated by Jaroslav Kysela over 7 years ago