Reset Reseller ACL bug?
Version 114.0.7
In WHM, when you go to Resellers >> Reset Resellers
Choose the ACL and the reseller(s) you want to reset to that ACL and click Apply.
Rather than applying the ACL you chose, if you then go to 'Edit Reseller nameservers and Privileges' you will see it has given the reseller 'Everything' privileges.
If I then access WHM with that reseller's account, I in fact have complete control (Not Good).
Hopefully you can reproduce the issue and I'm not losing my mind.
Just wanted to add, if I go to 'Edit Reseller nameservers and Privileges' and choose the reseller and then load the ACL, the correct ACL is loaded and clicking save applies the correct ACL settings to the reseller. So it's definitely not an issue with the ACL I'm using and appears to be just the 'Reset Resellers' feature. @cPRex, any feedback on this?
Tagging me in a brand new thread? Bold move :D I'll do some testing and let you know.
Sorry :D If this is a bug, I wanted to make sure it's recognized and fixed asap so someone doesn't reset a reseller with root privileges unknowingly and run into serious trouble.
I'm not able to reproduce this on my end when I checked just now. I did the following:
- created a cPanel account and made it a reseller
- visited WHM >> Reset Resellers, selected the account, and performed the action
- visited WHM >> Edit Reseller Nameservers and Privileges and confirmed the user only had the "Initial Privileges" configured. The "Everything" box at the bottom was not selected.
Is that the proper testing steps for this?
@cPRex, create a custom ACL and assign it to the reseller (below is the exact ACL we are using so you can test). Then go to WHM >> Reset Resellers and choose the custom ACL and reseller and then save. Then go to WHM >> Edit Reseller Nameservers and Privileges and it will show "Everything" assigned to the reseller.
acct-summary=1
add-pkg=1
add-pkg-ip=0
add-pkg-shell=1
all=0
allow-addoncreate=1
allow-emaillimits-pkgs=1
allow-parkedcreate=1
allow-shell=1
allow-unlimited-bw-pkgs=1
allow-unlimited-disk-pkgs=1
allow-unlimited-pkgs=1
assign-root-account-enhancements=0
basic-system-info=1
basic-whm-functions=1
clustering=0
connected-applications=1
cors-proxy-get=1
cpanel-api=1
cpanel-integration=1
create-acct=1
create-dns=1
create-user-session=1
demo-setup=0
digest-auth=1
edit-account=1
edit-dns=1
edit-mx=1
edit-pkg=1
file-restore=1
generate-email-config=1
kill-acct=1
kill-dns=1
limit-bandwidth=1
list-accts=1
list-pkgs=1
locale-edit=0
mailcheck=1
manage-api-tokens=1
manage-dns-records=1
manage-oidc=1
manage-styles=1
mysql-info=1
news=1
ns-config=1
park-dns=1
passwd=1
public-contact=1
quota=1
rearrange-accts=0
resftp=0
restart=0
show-bandwidth=1
software-ConfigServer-csf=1
software-imunify360=0
software-lvemanager=1
software-JetBackup5=1
ssl=1
ssl-buy=0
ssl-gencrt=1
ssl-info=1
stats=0
status=1
suspend-acct=1
thirdparty=0
track-email=1
upgrade-account=1
viewglobalpackages=0
I still wasn't able to reproduce even when using that exact custom ACL list. Could you submit a ticket so we can test this directly on your system?
Odd. I am able to replicate it on multiple servers. I've opened the ticket #95134054
I figured out the issue! Not sure when or how, but the ACL file had some invalid characters or formatting. I ran dos2unix on the ACL file and that appears to have fixed the issue. Weird.
I'm glad that's all it was!
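The fix reported in this thread was running dos2unix on the ACL file. As an added example (not part of the original thread and not cPanel's code), the shell function below lints an ACL list file for carriage returns and malformed entries before it is applied to a reseller. The one-entry-per-line `key=0|1` layout, the function name and the file argument are assumptions based on the ACL quoted above.

```shell
#!/bin/sh
# Added example: lint a reseller ACL list file before using it in
# "Reset Resellers". Assumption: one key=0|1 entry per line, matching
# the ACL entries quoted in the thread.

check_acl_file() {
    f=$1
    [ -r "$f" ] || { echo "cannot read: $f" >&2; return 2; }
    rc=0
    cr=$(printf '\r')

    # CRLF line endings: the condition dos2unix removes.
    n=$(grep -c "$cr" "$f" || true)
    if [ "$n" -gt 0 ]; then
        echo "$f: $n line(s) contain a carriage return (CRLF?)" >&2
        rc=1
    fi

    # Anything that is not blank or exactly key=0 / key=1 is suspect:
    # stray CRs, a UTF-8 BOM, trailing spaces, non-ASCII bytes.
    bad=$(LC_ALL=C grep -n -v -E '^([A-Za-z0-9_-]+=[01])?$' "$f" || true)
    if [ -n "$bad" ]; then
        echo "$f: malformed entries (control characters shown by cat -v):" >&2
        printf '%s\n' "$bad" | cat -v >&2
        rc=1
    fi
    return "$rc"
}

# Constructed sample: two entries saved with Windows (CRLF) line endings.
sample=$(mktemp)
printf 'all=0\r\ncreate-acct=1\r\n' > "$sample"
check_acl_file "$sample" || echo "not clean: convert with dos2unix, then re-check" >&2
rm -f "$sample"
```

After any reset, confirming in 'Edit Reseller Nameservers and Privileges' that "Everything" is not selected remains the authoritative check.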