Changes between Initial Version and Version 1 of Ticket #43936, comment 70
- Timestamp:
- 04/28/2025 11:16:00 AM (8 weeks ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #43936, comment 70
initial v1 19 19 Many reporters propose that there is no Use-Case for setting Administrator (or even Editor) as the default role. Furthermore, some report that this has been a major security concern because hackers like to switch this default role to gain full access to the site. Options commented here are: 20 20 1. Completely removing the possibility to set a privileged default role (Administrator/Editor) in the Admin Front End 21 2. Completely removing the possibility to set privilege default role by any means 21 2. Completely removing the possibility to set privilege default role by any means (including checks that hinder this setting if set directly towards the DB) 22 22 3. Now inside this position we can go further: Custom roles. Also removing custom roles with admin capabilities. 23 23