Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-17797

Misleading Critical security message when moodle/site:mnetlogintoremote is enabled:

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • Minor
    • Resolution: Fixed
    • 1.9.3
    • 1.9.4, 2.0
    • Administration
    • None
    • MOODLE_19_STABLE
    • MOODLE_19_STABLE, MOODLE_20_STABLE
    • Easy

    Description

      When displaying Security Overview admin report, Moodle shows the following "Critical" message when the Student capability moodle/site:mnetlogintoremote is enabled:

      Site default course role Critical Incorrectly defined default course role "Student" detected!

      The error message is either misleading and too severe since the capability is needed by any students in a Moodle Networked environment.

      Also, the related message

      XSS trusted users Warning RISK_XSS - found 1 users that have to be trusted.

      is generated by the same capability set to on.

      Attachments

        Activity

          People

            skodak Petr Skoda
            andreabix Andrea Bicciolo
            Tim Hunt Tim Hunt
            Andrew Lyons, Huong Nguyen, Jun Pataleta, Michael Hawkins, Shamim Rezaie, Simey Lameze
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:
              28/Jan/09