diff options
| author | jim-p <jimp@pfsense.org> | 2012-10-09 10:40:56 -0400 |
|---|---|---|
| committer | jim-p <jimp@pfsense.org> | 2012-10-09 10:40:56 -0400 |
| commit | 170cb2bcbf0def99262f35368a0e474861300306 (patch) | |
| tree | c22415328d68ccdc759ee69297e643a35f23bd05 /etc/inc/priv | |
| parent | 6f3d3a0781556890e3a6158e32374aed2229f2bd (diff) | |
| download | pfsense-170cb2bcbf0def99262f35368a0e474861300306.zip pfsense-170cb2bcbf0def99262f35368a0e474861300306.tar.gz | |
Add initial support for a privilege that denies write access to the config.
NOTE: This only prevents writing to config.xml - it does NOT prevent other changes/execution that do not involve writing to config.xml (e.g. applying settings, exec, killing states, etc)
Diffstat (limited to 'etc/inc/priv')
| -rw-r--r-- | etc/inc/priv/user.priv.inc | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/etc/inc/priv/user.priv.inc b/etc/inc/priv/user.priv.inc index affa218..7c943cd 100644 --- a/etc/inc/priv/user.priv.inc +++ b/etc/inc/priv/user.priv.inc @@ -26,6 +26,10 @@ $priv_list['page-dashboard-widgets']['descr'] = "Allow direct access to all Dash $priv_list['page-dashboard-widgets']['match'] = array(); $priv_list['page-dashboard-widgets']['match'][] = "*.widget.php*"; +$priv_list['user-config-readonly'] = array(); +$priv_list['user-config-readonly']['name'] = "User - Config - Deny Config Write"; +$priv_list['user-config-readonly']['descr'] = "If present, ignores requests from this user to write config.xml."; + $priv_list['user-shell-access'] = array(); $priv_list['user-shell-access']['name'] = "User - System - Shell account access"; $priv_list['user-shell-access']['descr'] = "Indicates whether the user is able to login for ". |
