#8761: Permissions bug in Admin area ---------------------------------------------------------------+------------ Reporter: caphun | Owner: nobody Status: new | Milestone: 1.0 Component: Admin interface | Version: SVN Keywords: admin, interface, permissions, users, groups, bug | Stage: Unreviewed Has_patch: 0 | ---------------------------------------------------------------+------------ If a user is given add/edit/delete permissions to user objects, the user is then able to create other users with greater permissions than itself, even promoting others to superuser status. Furthermore that user could also turn itself super by editing profile. Running off latest SVN version.
-- Ticket URL: <http://code.djangoproject.com/ticket/8761> Django Code <http://code.djangoproject.com/> The web framework for perfectionists with deadlines --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django updates" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-updates?hl=en -~----------~----~----~----~------~----~------~--~---
