New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix staff group check and Files tab XSS #15285

Closed
wants to merge 3 commits into
base: mike/hotfix_2_12_5
from

Conversation

Projects
None yet
3 participants
@mmaxim
Copy link
Member

mmaxim commented Jan 2, 2019

maxtaco and others added some commits Jan 2, 2019

don't require user is in group staff (#15278)
* don't require user is in group staff

- this isn't a good idea on active directory systems
- also, while we're upgrading the helper, let's also clamp down symlink creation

* better formatting

* vbump
@maxtaco

maxtaco approved these changes Jan 2, 2019

@songgao

This comment has been minimized.

Copy link
Member

songgao commented Jan 2, 2019

LGTM; thanks!

@mmaxim mmaxim closed this Jan 4, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment