Share » Forums » Developer » Security issue. Anonymous user can...

Security issue. Anonymous user can access the module/view that under admin interface

Security issue. Anonymous user can access the module/view that under admin interface

Wednesday 04 May 2011 8:13:50 am - 3 replies

Author Message

Ivo Lukac

Wednesday 04 May 2011 9:10:48 am

For disable anonymous access just comment the line with hash and clear ini cache:

#PolicyOmitList[]=newmodule/list

But the main question is where did this line come from if you didn't write it. That is a mystery.

http://www.linkedin.com/in/ivolukac
http://www.netgen.hr/eng/blog
http://twitter.com/ilukac

Bill2011 Du

Friday 06 May 2011 1:13:45 am

Thanks, Ivo Lukac .

It was rewrited after i edited the PolicyOmitList parameter of Setup/Ini-setting/site.ini form admin interface.

Is it means all module or view will wirte into PolicyOmitList parameter when edit the PolicyOmitList parameter of Setup/Ini-setting/site.ini form admin interface?

Ivo Lukac

Friday 06 May 2011 1:19:29 am

Thanks, Ivo Lukac .

It was rewrited after i edited the PolicyOmitList parameter of Setup/Ini-setting/site.ini form admin interface.

Is it means all module or view will wirte into PolicyOmitList parameter when edit the PolicyOmitList parameter of Setup/Ini-setting/site.ini form admin interface?

Of course it does. It is the same thing. Admin interface is used to edit all ini files without the need to open files directly...

http://www.linkedin.com/in/ivolukac
http://www.netgen.hr/eng/blog
http://twitter.com/ilukac

You must be logged in to post messages in this topic!

36 542 Users on board!

Forums menu