Werk #6452: Fixed wrong sidebar snapin permission checking
Component | User interface |
Title | Fixed wrong sidebar snapin permission checking |
Date | Aug 15, 2018 |
Checkmk Edition | Checkmk Raw (CRE) |
Checkmk Version | 1.5.0p3 1.6.0b1 |
Level | Trivial Change |
Class | Security Fix |
Compatibility | Compatible - no manual interaction needed |
The permission checking of sidebar snapins was not working correctly in all previous 1.5 versions.
The specific issue was that the default permission of the sidebar snapins were not set correctly. Especially the master control snapin (which can be used to globally disable e.g. checking or notifications) was usable even for guest users by default which is normally only available for administrative users.
As workaround, you could override the default permissions of the snapins to make them only available to the intended roles.