CMS MADE SIMPLE FORGE

CMS Made Simple Core

 

[#12348] A secure mode implementation

avatar
Created By: Ruud van der Velden (ruudvdvelden)
Date Submitted: 2020-08-06 11:05

Assigned To:
Resolution: None
State: Open
Summary:
A secure mode implementation
Detailed Description:
Regularly 'vulnerability' reports are send about logged on admin users being
able to do 'harmful' things in the CMSMS backend.

Although those reports are usually not accepted as vulnerabilities it may be
worth to look at the option for a sort of secure mode.
This could be a config setting, which e.g. disables (the adding/editing of)
UDT's, limits allowed filetypes to be uploaded etc.

Food for thought.

History