Werk #6452: Fixed wrong sidebar snapin permission checking

Component User interface
Title Fixed wrong sidebar snapin permission checking
Date Aug 15, 2018
Checkmk Edition Checkmk Raw (CRE)
Checkmk Version 1.5.0p3 1.6.0b1
Level Trivial Change
Class Security Fix
Compatibility Compatible - no manual interaction needed

The permission checking of sidebar snapins was not working correctly in all previous 1.5 versions.

The specific issue was that the default permission of the sidebar snapins were not set correctly. Especially the master control snapin (which can be used to globally disable e.g. checking or notifications) was usable even for guest users by default which is normally only available for administrative users.

As workaround, you could override the default permissions of the snapins to make them only available to the intended roles.

To the list of all Werks