[wp-trac] Re: [WordPress Trac] #6908: Creating new users role - a security risk?

WordPress Trac wp-trac at lists.automattic.com
Mon May 5 16:36:13 GMT 2008


#6908: Creating new users role - a security risk?
--------------------------------------+-------------------------------------
 Reporter:  CrazySerb                 |        Owner:  anonymous
     Type:  defect                    |       Status:  new      
 Priority:  normal                    |    Milestone:  2.7      
Component:  Security                  |      Version:  2.5.1    
 Severity:  normal                    |   Resolution:           
 Keywords:  user roles, group levels  |  
--------------------------------------+-------------------------------------
Changes (by Otto42):

  * priority:  highest omg bbq => normal
  * severity:  major => normal
  * milestone:  => 2.7

Comment:

 Allowing users to edit users higher than themselves does indeed not make
 much sense, however the user level number idea is deprecated/not used
 anymore. Perhaps some way to define an order on the Roles, thus allowing
 it to determine which roles are above other roles?

-- 
Ticket URL: <http://trac.wordpress.org/ticket/6908#comment:1>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list