[Freeipa-devel] Should normal user see his krbt and password policies?
Petr Vobornik
pvoborni at redhat.com
Tue May 27 14:10:45 UTC 2014
On 27.5.2014 14:28, Petr Vobornik wrote:
> Recent removal of global read-only ACI affects current self-service page.
>
> Now it displays error dialog with two errors:
> * None: password policy not found
> * an internal error has occurred
>
> They are results of:
> * pwpolicy-show --user=username
> * krbtpolicy-show username
> commands.
>
> The second one is an obvious bug:
> https://fedorahosted.org/freeipa/ticket/4354
>
> The question is whether normal user should see this information or not.
>
> If yes, we should fix default permissions. If not, we should fix Web UI.
A ticket for Web UI was created since the user can also browse other users.
https://fedorahosted.org/freeipa/ticket/4355
Nevertheless, the original question still stands.
--
Petr Vobornik
More information about the Freeipa-devel
mailing list