Custom Query (22 matches)
Results (13 - 15 of 22)
| Ticket | Resolution | Summary | Owner | Reporter |
|---|---|---|---|---|
| #22 | fixed | Project admin page editable by logged in user, not just admins | support@… | tim.te.beek@… |
| Description |
Any logged in user can administrate any project, by altering the below URL in a predictable manner: https://trac.nbic.nl/admin/ProjectAdmin.php?mode=editproject&project=sandbox Currently the only requirement is that the user is logged in, not whether or not the user is an administrator for the project. This constitutes a mayor security project for every current Trac project. |
|||
| #7 | fixed | Logo click should go somewhere reasonable | rob.hooft@… | |
| Description |
I think if one clicks on the "NBIC" logo from a project, it should link to the project list. |
|||
| #8 | fixed | Link from user admin back to projects | rob.hooft@… | |
| Description |
There should be an obvious way to back out of the user admin tool |
|||
Note: See TracQuery
for help on using queries.
