Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update freeradius ACL #4588

Open
wants to merge 4 commits into
base: master
Choose a base branch
from
Open

Update freeradius ACL #4588

wants to merge 4 commits into from

Conversation

burghy86
Copy link

add permission for users and log

add permission for users and log
@burghy86 burghy86 changed the title Update ACL.xml Update freeradius ACL Mar 12, 2025
fix add api pattern
fix log api
delete acl log. not work for my limit
users work perfectly
Copy link
Member

@mimugmail mimugmail left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, thx

@fichtner fichtner self-assigned this Mar 12, 2025
@fichtner
Copy link
Member

I'm not sure this is a good idea, especially since the API endpoint pattern still allows all manipulation. CC @AdSchellevis

@burghy86
Copy link
Author

I'm not sure this is a good idea, especially since the API endpoint pattern still allows all manipulation. CC @AdSchellevis

I have created a reception user who should only be able to create and delete guest WiFi users. As of now, I can only grant permissions for the entire FreeRADIUS plugin, but it's not granular. This way, they can only see the users and won't cause any issues. It may not be the best method, but it seems the most logical one since other plugins already use the same user permission system.

@AdSchellevis
Copy link
Member

Not a good idea indeed as it suggests a granularity that simply doesn't exist which means someone will open a ticket or cve for a security concern rather sooner than later.

@burghy86
Copy link
Author

Not a good idea indeed as it suggests a granularity that simply doesn't exist which means someone will open a ticket or cve for a security concern rather sooner than later.

i'm not a expert. sorry.i will wait a solution for a real programmer

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

Successfully merging this pull request may close these issues.

4 participants