Loading...

XML

Word

Printable

Type: Defect (Security)
Resolution: Unresolved
Priority: Trivial
Fix Version/s: None
Affects Version/s: 2.0.5
Component/s: API (A)
Labels:
- permissions
- security
Environment:
zabbix 2.0.5

I create a usergroup which permission is read-write on "test-hostgroup", and create a user which permission is "Zabbix User" belong the usergroup . The user only access "Monitoring"?"Inventory"?"Reports" in frontend. But I found the user can create/delete host which belong "test-hostgroup" by API.

is duplicated by

ZBX-7431 Zabbix User is able to create screens through API

Closed

ZBX-18091 Zabbix User has permissions to add and delete hosts via API

Closed

Assignee:: Zabbix Support Team

Reporter:: pengyao

Votes:: 14 Vote for this issue

Watchers:: 10 Start watching this issue

Created:: 2013 Mar 05 10:16

Updated:: 2020 Jul 16 15:40

Details

Description

Attachments

Issue Links

Activity

People

Dates