Moodle

Should current admin user be flagged as an untrusted user?

Details

  • Type: Sub-task Sub-task
  • Status: Closed Closed
  • Priority: Minor Minor
  • Resolution: Fixed
  • Affects Version/s: 1.9.3
  • Fix Version/s: 2.0
  • Component/s: Administration
  • Labels:
    None
  • Affected Branches:
    MOODLE_19_STABLE
  • Fixed Branches:
    MOODLE_20_STABLE

Description

On a fresh install of Moodle 19 stable build (Build: 20090123), a primary administrator must be created.
When accessing Admin->Security overview, the XSS trusted users warning is displayed. Could'nt be misleading to let people think somewhat dangerous to have Moodle admins ?

Could we try to think a lower severity status when for this situation ?

Activity

Ascending order - Click to sort in descending order
Hide
Permalink
Martin Dougiamas added a comment -

I guess it's not a problem to indicate that the current admin user is untrusted. Or is it? Should the current user be excluded from these checks?

Show
Martin Dougiamas added a comment - I guess it's not a problem to indicate that the current admin user is untrusted. Or is it? Should the current user be excluded from these checks?
Hide
Permalink
Petr Škoda (skodak) added a comment -

I would prefer to implement user trust bitmasks - it might help a lot with performance too in fact

Show
Petr Škoda (skodak) added a comment - I would prefer to implement user trust bitmasks - it might help a lot with performance too in fact
Hide
Permalink
Martin Dougiamas added a comment -

Cool with me +1

Show
Martin Dougiamas added a comment - Cool with me +1
Hide
Permalink
Petr Škoda (skodak) added a comment -

Hello,
administrators are not included in this report any more because they do not have any role now.

thanks for the report!

Show
Petr Škoda (skodak) added a comment - Hello, administrators are not included in this report any more because they do not have any role now. thanks for the report!

People

Vote (0)
Watch (0)

Dates

  • Created:
    Updated:
    Resolved:
Atlassian JIRA (v4.4.5#665-sha1:422aead) | Report a problem
Powered by a free Atlassian JIRA open source license for Moodle. Try JIRA - bug tracking software for your team.