Forums | Mahara Community
Security issue relating to insecure permissions <17.10.8; <18.04.4: <18.10.1
30 April 2019, 7:24 PM
Disable logins for everyone when root user is suspended
Vulnerability type: Insecure permissions
An issue was discovered in Mahara 17.10 before 17.10.8, 18.04 before 18.04.4, and 18.10 before 18.10.1. A site administrator can suspend the system user (root), causing all users to be locked out from the system.
Edits to this post:
- Kristina Hoeppner - 02 May 2019, 10:02 AM