Comment 36 for bug 1546507

Stuart McLaren (stuart-mclaren) wrote : Re: Regular user can delete any image file

If I'm reading the patch correctly, we're hardcoding that only an admin can set arbitrary locations:

 if not(req.context.is_admin or utils.validate_external_url

Previously it was possible to use the policy file to give permissions to just specific roles/users to set arbitrary locations, e.g.:

 policy.json:
    "set_image_location": "role:whoever",

It may be a corner case, but if someone has a workflow that requires a non-admin (but hopefully trusted) user to set an arbitrary location, the current patch would prevent that.

Could we do something like have a new policy that would cover that case, e.g.:

 "set_unrestricted_location": "role:whoever"

That would give us three policy-defined sets:

1. Users that can't set locations at all
2. Users that can set locations to allowed values only
3. Users that can set location to any value
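
The three sets proposed in the comment above, sketched as an added example that is not part of the original comment and is not Glance code. The rule parser handles only a "role:x or role:y" subset of policy.json syntax, and the role names, the scheme allowlist standing in for "allowed values", and the function names are all assumptions made for illustration.

```python
from urllib.parse import urlparse

# Constructed policy using the two rule names from the comment; roles are hypothetical.
POLICY = {
    "set_image_location": "role:member or role:image_mover",
    "set_unrestricted_location": "role:image_mover",
}

# Assumption: "allowed values" is modelled as a URL scheme allowlist. The real
# check in the patch is not shown on the page.
ALLOWED_SCHEMES = {"http", "https"}


def rule_matches(rule, roles):
    """Evaluate a minimal 'role:a or role:b' rule. A missing rule denies here."""
    if not rule:
        return False
    for term in rule.split(" or "):
        kind, _, value = term.strip().partition(":")
        if kind == "role" and value in roles:
            return True
    return False


def location_tier(roles, is_admin=False, policy=POLICY):
    """Return 'any', 'restricted' or 'none' for the three proposed sets."""
    # is_admin mirrors the req.context.is_admin test quoted from the patch.
    if is_admin or rule_matches(policy.get("set_unrestricted_location"), roles):
        return "any"
    if rule_matches(policy.get("set_image_location"), roles):
        return "restricted"
    return "none"


def may_set_location(url, roles, is_admin=False, policy=POLICY):
    """Decide whether this caller may set this location URL."""
    tier = location_tier(roles, is_admin, policy)
    if tier == "any":
        return True
    if tier == "restricted":
        return urlparse(url).scheme in ALLOWED_SCHEMES
    return False


if __name__ == "__main__":
    for roles in (["reader"], ["member"], ["image_mover"]):
        print(roles, location_tier(roles),
              may_set_location("file:///tmp/constructed.img", roles))
```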