aws-iam-ldap-bridge
Add ACLs - only admin user should be able to enumerate other users, groups and roles
At the moment any logged-in user can see other users, see their groups and keys. Even worse, they can MODIFY those; for example, they can add themselves to all groups, thus gaining permissions.