[TYPO3-core] RFC: Feature #13164: CLI processes cannot be executed when adminOnly mode is enabled
Susanne Moog
typo3 at susannemoog.de
Tue Feb 9 10:35:08 CET 2010
Hi,
Am 01.02.2010 17:13, schrieb Oliver Hader:
>>>> This is an SVN patch request.
>>>>
>>>> Type: Feature
>>>>
>>>> Bugtracker references:
>>>> http://bugs.typo3.org/view.php?id=13164
>>>>
>>>> Branches: Trunk
>>>>
>>>> Problem:
>>>> CLI processes that require a backend user are not executed when these
>>>> backend users don't have the admin flag set and
>>>> $TYPO3_CONF_VARS['BE']['adminOnly'] is enabled.
>>>>
>>>> Adding the admin flag to these CLI backend users is dangerous since
>>>> somebody could abuse these users.
>>>>
>>>> Solution:
>>>> Add a new state for the adminOnly configuration that allows CLI
>>>> processes to bypass the adminOnly check. Thus, there are the following
>>>> settings for adminOnly:
>>>> -1: Lock backend and install tool
>>>> 0: Default - No lock at all
>>>> 1: Only admin users can log into the backend
>>>> 2: Only admin users can log into the backend, but CLI processes using
>>>> regular backend users are allowed
+1 by reading and testing although I would leave the part "executing
cron jobs" out of the description.
Currently we have "If it's a positive integer, only admin users can log
into the backend - if it equals "2", regular backend users are allowed
in CLI mode executing cron jobs." but CLI users are allowed whether they
execute (or are executed as) cron jobs or are used "by hand".
Best regards,
Susanne
More information about the TYPO3-team-core
mailing list