-
Type:
Defect (Security)
-
Resolution: Fixed
-
Priority:
Trivial
-
None
-
Affects Version/s: 2.0.5
-
Component/s: API (A)
-
Environment:zabbix 2.0.5
I create a usergroup which permission is read-write on "test-hostgroup", and create a user which permission is "Zabbix User" belong the usergroup . The user only access "Monitoring"?"Inventory"?"Reports" in frontend. But I found the user can create/delete host which belong "test-hostgroup" by API.
