Guten Tag
u0107@...,
am Mittwoch, 4. Juli 2012 um 20:36 schrieben Sie:
> Our installation of Bugzilla has a major security exposure.
Which version do you use?
> Any
> user that is created gets admin privileges. Even if the
> administrator (I or someone else) changes the authorization and
> removes these privileges, the privileges can be reacquired by the user him/herself.
Sounds like there's a regexp for admin users which matches all users,
by default it should be empty. Have a look at the admin group page, at
the top there should be an input field called "User Regexp". If this
is not the problem you should describe more detailed how your admin
settings look like.
Mit freundlichen Grüßen,
Thorsten Schöning
--
Thorsten Schöning E-Mail:
Thorsten.Schoening@...
AM-SoFT IT-Systeme
http://www.AM-SoFT.de/Telefon.............030-2 1001-310
Fax...............05151- 9468- 88
Mobil..............0178-8 9468- 04
AM-SoFT GmbH IT-Systeme, Brandenburger Str. 7c, 31789 Hameln
AG Hanover HRB 207 694 - Geschäftsführer: Andreas Muchow
_______________________________________________
support-bugzilla mailing list
support-bugzilla@...
https://lists.mozilla.org/listinfo/support-bugzillaPLEASE put
support-bugzilla@... in the To: field when you reply.
