|
[
Permalink
| « Hide
]
Eloy Lafuente (stronk7) added a comment - 30/Jan/09 07:02 PM
Assigning to Petr.
Relating to this, I'd like to see the the Security Report provide specific information about what is triggering a given warning or alert.
For example flagging "Registered user role" as critical and noting that the role is incorrectly defined is good. But drilling down doesn't explain the specific capabilities that are triggering this misconfiguration error; instead there is a fairly generic "Risky capabilities detected in context." message, with a link to the Roles Details page. I'd like to see the "details" of the security warnings page print a list of what capabilities are causing the risky assessment as well as the recommended setting to resolve the issue. It would make it easier to review and would clearly spell out what the problem areas where. Yes, this information is available by browsing through the roles capabilities page, but that's a lengthy page with a heck of a lot of options on it. It's all too easy to miss a problem capability when trying to trouble shoot this yes, I agree the more details the better.
I have added links to docs pages from detailed report pages
Daniele, thanks for reporting this issue, and Kenneth, thanks for your comments.
Each issue page in the security overview report now has a corresponding page in Moodle Docs ready for further information to be added. See http://docs.moodle.org/en/Security_overview Everyone, please help in editing these pages and adding further information / links to helpful forum discussions etc. docs links present, closing bug, thanks for the report
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Sub-task
Resolved
Major
 |
|
