diff options
author | Matthew Wild <mwild1@gmail.com> | 2023-03-25 19:38:41 +0000 |
---|---|---|
committer | Matthew Wild <mwild1@gmail.com> | 2023-03-25 19:38:41 +0000 |
commit | 6b2d191b939099b598e7edaf972994c94a24ff0e (patch) | |
tree | 5b79bd87f2885f301bde92d85928ee99ec9a8c02 /plugins/mod_saslauth.lua | |
parent | e53ef27a1c6e620cc79bb8a4ef0a12dbe9cd0eb7 (diff) | |
download | prosody-6b2d191b939099b598e7edaf972994c94a24ff0e.tar.gz prosody-6b2d191b939099b598e7edaf972994c94a24ff0e.zip |
moduleapi: may: Fail early if a local session has no role assigned
We expect every session to explicitly have a role assigned. Falling back to
any kind of "default" role (even the user's default role) in the absence of
an explicit role could open up the possibility of accidental privilege
escalation.
Diffstat (limited to 'plugins/mod_saslauth.lua')
0 files changed, 0 insertions, 0 deletions