Home Featured The Accidental Superuser

The Accidental Superuser

Published on June 5, 2012 by in Featured

We’ve  recently upgraded from Version 11.7 to 11.9 (  In 11.7 we gave many users access to $F1.USR.PREF.MNT – User Settings (via menu $F1.USR.ENVIR.MNU) primarily to enable them to toggle between different security categories. In 11.9 this same function gives people access to creating, deleting and editing users. Thankfully we picked this issue up during our Testing prior to going live and adjusted accordingly, as this has the potential to be a major security risk.

If you are on 11.9, check your workplaces to see if you’re inadvertently giving regular users the ‘keys to the kingdom’. 11.9 , 11.7  and earlier versions feature Roles including  GL Officer, AP Officer, and Manager  include a Menu titled User Environment ($F1.USR.ENVIR.MNU) and anyone  with access to this  can easily make themselves super-users.



 Share on Facebook Share on Twitter Share on Reddit Share on LinkedIn
No Comments  comments 

You must be logged in to post a comment.