continuum-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brent Atkinson <batkin...@apache.org>
Subject Re: Weird security bug?
Date Wed, 27 Feb 2013 17:18:57 GMT
Marcio,

I'm sorry to hear you are disappointed. If you are interested in helping,
logging an issue with a more detailed description of the steps you're
following, such as what page are you on from, what user you are logged in
as, the steps you're following, etc. makes it much more easy to identify
and fix. You could also submit a patch if you are interested.

Brent

On Wed, Feb 27, 2013 at 8:43 AM, Marcio Frayze David <mfdavid@gmail.com>wrote:

> I'm running version 1.3.8 build number 1164847.
>
> If I edit a role of somebody, the options I'm not supposed to be able
> to grant are disabled by default. But as far as I can tell, there is
> no server-side verification... so if I just edit the html code on
> runtime on my client side and erase the "disabled" of the checkbox, I
> can grant anything to anyone...
>
> Hope this is already fixed in some newer release. Anyway, I'm very
> disappointed with the quality of this software.
>
> Cya.
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message