DokuWiki


FS#825 — Privilege Escalation in Profile Update

Attached to Project: DokuWiki
Opened by Andreas Gohr (andi) - Tuesday, 06 June 2006, 08:11PM
Bug Report
Security
CLOSED
No-one
All
Medium
High
2006-03-09
Undecided
Undecided
100%
Andreas Åkre Solberg discovered a security flaw which allows registered users to view page content they usually have no access to. The problem is in the way a successful user profile change is handled.

This affects only users who have Access Control Lists enabled (off by default) and have restricted the READ permission for certain pages even for logged-in users. Non-authenticated users cannot exploit this bug.

To fix the problem manually, add the following line before the "call template" comment line (around line 102) in inc/action.php:

$ACT = act_permcheck($ACT);

This rechecks all ACLs a second time before the template is called, avoiding similar problems in the future.

The downloadable package of release 2006-03-09 was updated to incorporate the fix (-> 2006-03-09b).
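
Why a second permission check before the template call closes this class of bug, shown as an added example on a simplified dispatcher model; this is not DokuWiki's inc/action.php. It assumes a handler that switches the action to a page view once the profile update succeeds; every name except act_permcheck() is hypothetical, and this act_permcheck() is a stand-in with the same role, not the project's implementation.

```php
<?php
// Simplified model of an action dispatcher (example code, not DokuWiki's).
const AUTH_NONE = 0;
const AUTH_READ = 1;

// Constructed ACL: "bob" is logged in but has no READ permission on "secret".
function acl_level(string $user, string $page): int {
    $acl = [
        'secret' => ['alice' => AUTH_READ],
        'start'  => ['alice' => AUTH_READ, 'bob' => AUTH_READ],
    ];
    return $acl[$page][$user] ?? AUTH_NONE;
}

// Stand-in permission check: return the action if the user holds the level
// it needs on the page, otherwise downgrade it to 'denied'.
function act_permcheck(string $act, string $user, string $page): string {
    $needed = ['show' => AUTH_READ, 'profile' => AUTH_NONE];
    if (!isset($needed[$act])) {
        return 'denied'; // unknown actions are refused
    }
    return acl_level($user, $page) >= $needed[$act] ? $act : 'denied';
}

// Assumed handler behaviour: a successful profile update rewrites the
// action to 'show', which needs READ and was never checked as such.
function handle_profile(string $act, bool $updateOk): string {
    return ($act === 'profile' && $updateOk) ? 'show' : $act;
}

function dispatch(string $act, string $user, string $page, bool $recheck): string {
    $act = act_permcheck($act, $user, $page);     // check on the requested action
    $act = handle_profile($act, true);            // handler may change $act
    if ($recheck) {
        $act = act_permcheck($act, $user, $page); // check on the final action
    }
    return $act; // the action the template would render
}

foreach ([false, true] as $recheck) {
    $result = dispatch('profile', 'bob', 'secret', $recheck);
    printf("recheck=%s -> template renders '%s'\n", $recheck ? 'yes' : 'no', $result);
}
```

The general point is that authorization has to be evaluated on the action that is finally rendered, not only on the one that was requested.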
Closed by: Andreas Gohr (andi)
Date: Thursday, 15 June 2006, 11:06PM
Reason for closing: Fixed