[Freedombox-discuss] normal user is admin
James Valleroy
jvalleroy at mailbox.org
Sun Nov 12 14:49:47 UTC 2017
On 11/12/2017 07:47 AM, Pierre L. wrote:
> Hey!
>
> There are some months ago I have tried Freedombox.
> Today it's a new test with a Debian 9 64bits Stretch in Virtualbox +
> install Freedombox by command lines as described on the documentation.
> (it's easy! thx for your work!)
>
> I see this previous bug (#733 github) solved , but on my fresh install,
> a new user without "admin" or "wiki" group is still able to install some
> apps, successfully installed Tor and Roundcube for my tests...
>
> May have I misunderstood something ?
> A normal user has admin level by default ?
>
> Thx for your light !
Hi Pierre,
Debian 9 (Stretch) has plinth-0.13.1. In this version, the only
difference between "admin" and other users is that "admin" users can
access the box through SSH or console login. But every user can change
configuration through Plinth. In other words, you should not create
Plinth accounts for untrusted users.
This was changed in plinth 0.14 and above (targeted for Debian 10
(Buster)). Now, only the "admin" users can change configuration. I
suggested in github issue #281 to add a description that this group is
for the owner(s) of the FreedomBox.
--
James
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 866 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20171112/1fa68c09/attachment.sig>
More information about the Freedombox-discuss
mailing list