[wp-trac] Re: [WordPress Trac] #6566: custom-built roles can create
administrator users
WordPress Trac
wp-trac at lists.automattic.com
Sun Jun 29 19:51:59 GMT 2008
#6566: custom-built roles can create administrator users
-------------------------------+--------------------------------------------
Reporter: Denis-de-Bernardy | Owner: anonymous
Type: defect | Status: closed
Priority: normal | Milestone:
Component: Security | Version: 2.5
Severity: minor | Resolution: invalid
Keywords: capabilities |
-------------------------------+--------------------------------------------
Changes (by pishmishy):
* keywords: => capabilities
* status: new => closed
* resolution: => invalid
* milestone: 2.5.2 =>
Comment:
This is by design. The edit_options capability is intended to allow a user
to edit options ;-) . See also #6014.
I've discussed these sorts of issues with the author of the role manager
plugin and the conclusion seems to be that if you're not sure what each
capability actually allows, you shouldn't be messing with them :-)
It may be a documentation issue but I'm reluctant to accept it as a bug so
I'm going to close for now.
--
Ticket URL: <http://trac.wordpress.org/ticket/6566#comment:1>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list