-
Notifications
You must be signed in to change notification settings - Fork 15
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
How to block using impersonate? #41
Comments
Could you clarify the situation: "the app admins shouldn't see any of users files". so then don't grant them permission to use impersonate, e.g. having two groups sysadmin+appadmin and only sysadmin is allowed to use impersonate? or do you want to prevent sysadmins to impersonate as appadmins? |
@KB7777 with 1.0.4 you can configure group memberships (Admin → Additional settings). The people who should be able to impersonate must be groupadmins within (and can only impersonate users in that group). Perhaps that's already sufficient? |
I think a user should be notified when an admin impersonates them. This app presents a trust issue with hosted Nextcloud instances. What's the point of E2E encryption when an admin can just open your account and go through your files? |
@aproposnix with E2E it doesn't matter because you can't open the files on the server. In other words the admin can impersonate you but without your mnemonic key they still can't access your E2E files. |
@KB7777 places all persons who are allowed to impersonate into one group and configure this as according to #41 (comment) |
@blizzz |
@KB7777 nope, iirc, you can confiugre an "impersonator" group and assign the people accordingly. |
This is not working :) |
@KB7777 they can be in both admins and impersonators, but you need to limit impersonating to the impersonators group |
But the user from "admins" group can change his group and add himself to "impersonator" group. |
true, that's a dilemma. but since they are admin anyway, they basically can do anything. |
Well, it's all about that -- How to block using impersonate? :) |
don't bother for admins, they'll always find a way. If you don't trust them, take away the admin role. |
But the my appadmins can't access to the OS. |
@KB7777 they could write a malicious app, put it to the app store and install it. Would give them at least permissions of the web user. |
So, there is no point to restrict my appadmins group, because they could do anything in Nextcloud instance anyway? Hm... |
It's being logged in the nextcloud.log so far. User information could be interesting, though i guess there are pro and cons against that. You may open a feature request, though up front: i won't have resources to work on it any time soon. |
Hello.
is it possible to prevent using impersonate from Nextcloud admin accounts?
We have sysadmins with all rights (system, storage, Nextcloud, etc.) and apps admins with Nextcloud admins rights. The apps admins shouldn't see any of users files...
Regards.
The text was updated successfully, but these errors were encountered: