You are viewing a plain text version of this content. The canonical link for it is here.

Posted to gitbox@activemq.apache.org by GitBox <gi...@apache.org> on 2021/11/24 20:38:48 UTC

[GitHub] [activemq] mattrpav edited a comment on pull request #727: [Security] Fix user permissions in web console

mattrpav edited a comment on pull request #727:
URL: https://github.com/apache/activemq/pull/727#issuecomment-978203642


   @ViliusS I've tagged the JIRA [AMQ-5388](https://issues.apache.org/jira/browse/AMQ-5388) for inclusion in 5.16.4 which is in-progress. I agree the security risk may be serious to certain users. The issue is minor, given there is a known fix and the fix is in a config file, not code.
   
   I advise all users to adjust their conf/jetty.xml if web console access is exposed for non-admin users, or disallow non-admin access to the web console.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: gitbox-unsubscribe@activemq.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org