Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-29170

Security overview reports 'Critical' for 'Default role for all users' in fresh Moodle install.

    Details

    • Testing Instructions:
      Hide

      Go to Site administration / Reports / Security overview

      The status of "Default role for all users" should be OK.

      Show
      Go to Site administration / Reports / Security overview The status of "Default role for all users" should be OK.
    • Workaround:
      Hide

      Change the permission 'moodle/webservice:createmobiletoken' ("Create a web service token for mobile access") for the 'user' role (the default role for all users) from 'Allow' to 'Not Set'.

      Show
      Change the permission 'moodle/webservice:createmobiletoken' ("Create a web service token for mobile access") for the 'user' role (the default role for all users) from 'Allow' to 'Not Set'.
    • Affected Branches:
      MOODLE_21_STABLE, MOODLE_22_STABLE
    • Fixed Branches:
      MOODLE_21_STABLE
    • Pull Master Branch:
      s13_MDL-29170_risklevel_master

      Description

      Steps to reproduce
      ==============

      1. Fresh Moodle 2.1 install
      2. Go to Site administration / Reports / Security overview

      Expected result
      ===========

      No 'Critical' status for any issue.

      Actual result
      =========

      The status of 'Default role for all users' is 'Critical'.

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Fix Release Date:
                  10/Oct/11