0 votes
I created a group and policy for User Administrators, who should have acces to adding and deleting users only.
I also created a group Super Admin who can do everything, instead of logging in as root and should be more safe.

However those User Administrators can make themselves Super Administrators, and gain access to everything. This should not be possible I think, or should I have done it another way?

Friday, February 22 2019, 03:17 PM
Share this post:
Responses (1)
  • Accepted Answer

    Saturday, February 23 2019, 10:27 AM - #Permalink
    0 votes
    I can see the problem. Once you can administer users you can assign any user to a group and that may be the Super Administrators group. I'm not sure how you could stop that unless ClearOS could somehow create a group hierarchy with pre-defined group names.
    The reply is currently minimized Show
Your Reply