fix: privilege escalation

Signed-off-by: hongming <talonwan@yunify.com>
hongming
2019-10-31 15:42:03 +08:00
parent 6790844340
commit 0177baf916
2 changed files with 11 additions and 4 deletions


@@ -160,6 +160,11 @@ func UpdateUser(req *restful.Request, resp *restful.Response) {
}
}
if usernameInHeader == user.Username {
// change cluster role by self is not permitted
user.ClusterRole = ""
}
result, err := iam.UpdateUser(&user)
if err != nil {