Skip to content

Commit

Permalink
chg: disable magic admin username
Browse files Browse the repository at this point in the history 
This feature allowed users to authenticate with any valid key and get an admin console even if they did not have admin access! 
You must now use a valid username/publickey combination to get console access (even if you don't have admin)
  • Loading branch information
@systemmonkey42 @libvoid
systemmonkey42 authored and libvoid committed Jun 6, 2023
1 parent 7e299d9 commit e0747c6
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion pkg/bastion/ssh.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ func (c authContext) userType() userType {
switch {
case c.inputUsername == "healthcheck":
return userTypeHealthcheck
case c.inputUsername == c.user.Name || c.inputUsername == c.user.Email || c.inputUsername == "admin":
case c.inputUsername == c.user.Name || c.inputUsername == c.user.Email:
return userTypeShell
case strings.HasPrefix(c.inputUsername, "invite:"):
return userTypeInvite
Expand Down

0 comments on commit e0747c6

Please sign in to comment.