[MDL-17797] Misleading Critical security message when moodle/site:mnetlogintoremote is enabled: - Moodle Tracker

XML

Word

Printable

Details

Type: Bug
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: 1.9.3
Fix Version/s: 1.9.4, 2.0
Component/s: Administration
Labels:
None

Affected Branches:
MOODLE_19_STABLE
Fixed Branches:
MOODLE_19_STABLE, MOODLE_20_STABLE
Difficulty:
Easy

Description

When displaying Security Overview admin report, Moodle shows the following "Critical" message when the Student capability moodle/site:mnetlogintoremote is enabled:

Site default course role Critical Incorrectly defined default course role "Student" detected!

The error message is either misleading and too severe since the capability is needed by any students in a Moodle Networked environment.

Also, the related message

XSS trusted users Warning RISK_XSS - found 1 users that have to be trusted.

is generated by the same capability set to on.

Attachments

Activity

People

Assignee:: Petr Skoda

Reporter:: Andrea Bicciolo

Tester:: Tim Hunt

Participants:: Andrea Bicciolo, Petr Skoda, Tim Hunt

Component watchers:: David Woloszyn, Huong Nguyen, Jake Dallimore, Meirza, Michael Hawkins, Raquel Ortega, Safat Shahin, Stevani Andolo

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 07/Jan/09 2:47 PM

Updated:: 14/Jan/09 12:32 AM

Resolved:: 08/Jan/09 1:56 PM

Fix Release Date:: 28/Jan/09