Dolibarr / dolibarr

Dolibarr ERP CRM is a modern software package to manage your company or foundation's activity (contacts, suppliers, invoices, orders, stocks, agenda, accounting, ...). It's an open source web application (written in PHP) designed for businesses of any size, foundations and freelancers.
https://www.dolibarr.org
GNU General Public License v3.0

Feature Request Add a way for superAdmin to lock/unlock install actions #5929

Closed toussa closed 7 years ago

toussa commented 7 years ago

Feature Request

Add a way for the super administrator to lock and unlock the installer/upgrader tool by a click in the admin tools section.

Use case

Currently, after the first installation, the super admin needs to manually add the install.lock file. Moreover, when he needs to upgrade Dolibarr, he needs to manually remove the install.lock file and then recreate it. This is quite annoying and sometimes not possible without asking the sysadmin. I suggest adding a way to do it by a click, in the Admin tools section or the Setup section. I know that doing it manually provides the read-only mechanism and forbids Dolibarr PHP files from touching it. But in my opinion, there is no need for this extra protection.

Suggested implementation

I suggest an ON/OFF switch called something like "Lock installation and upgrade actions". It might be located in the "Miscellaneous" tab in the Setup/Security category. OR better, directly in the submenu "Upgrade / Extend" in the Admin tools (where it's written how to do it manually).

eldy commented 7 years ago

Note that adding a way to make the lock/unlock from the interface makes the security become less useless.

rdoursenaud commented 7 years ago

The whole purpose of the lock is to lock install at a sysadmin level. Upgrading Dolibarr is a sysadmin task so I don't see the use case here.

Also, the install.lock is a security recommendation, not a requirement. You can choose not to use it if you feel the risk is limited. You can even disable the warning. See: https://wiki.dolibarr.org/index.php/Setup_Other

toussa commented 7 years ago

I don't see the point of locking install at the sysadmin level instead of the admin level.

As @eldy said, it makes the security measure less useless.

Sysadmins can still use their read-only install.lock file to lock install and not leave the admin the possibility to unlock it.

BTW, I think install.lock should be a requirement and not a simple recommendation. The risk cannot be limited when exposing install and update scripts. Moreover, it's really easy to find a lot of non-protected installations using some Google dorks.
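As an added example that is not part of this thread or of Dolibarr's own code, here is a POSIX shell audit of the manual install.lock setup described in the first post and in the comment above. It assumes Linux with GNU stat/id, and takes the documents directory path and the web-server account name from the caller; it also flags the caveat that a read-only lock file can still be unlinked by a process that has write access to the directory containing it.

```shell
#!/bin/sh
# Added example (not Dolibarr project code): audit whether a Dolibarr install.lock
# really keeps the web-server account away from the install/upgrade scripts.
# Assumptions: Linux with GNU stat/id; the documents directory and the account
# the web server runs as are passed in by the caller.

# can_write USER PATH: exit 0 if USER's uid/groups and PATH's mode grant write.
can_write() {
    cw_user=$1; cw_path=$2
    cw_uid=$(id -u "$cw_user" 2>/dev/null) || return 1
    if [ "$cw_uid" -eq 0 ]; then return 0; fi              # root bypasses mode bits
    cw_mode=$(printf '%04d' "$(stat -c '%a' "$cw_path")")  # e.g. 0755 or 1777
    if [ "$cw_uid" -eq "$(stat -c '%u' "$cw_path")" ]; then
        cw_digit=$(printf '%s' "$cw_mode" | cut -c2)       # owner triplet
    elif id -G "$cw_user" | tr ' ' '\n' | grep -qx "$(stat -c '%g' "$cw_path")"; then
        cw_digit=$(printf '%s' "$cw_mode" | cut -c3)       # group triplet
    else
        cw_digit=$(printf '%s' "$cw_mode" | cut -c4)       # other triplet
    fi
    [ $((cw_digit & 2)) -ne 0 ]
}

# audit_install_lock DIR WEBUSER: prints missing | removable | locked.
# Unlinking a file needs write permission on the directory, not on the file, so
# a 0444 install.lock inside a web-writable documents directory can still be
# deleted (and the installer re-run) unless the directory is sticky and neither
# the file nor the directory belongs to the web account.
audit_install_lock() {
    al_dir=$1; al_user=$2; al_lock="$al_dir/install.lock"
    if [ ! -e "$al_lock" ]; then
        echo missing; return 1
    fi
    if can_write "$al_user" "$al_dir"; then
        al_uid=$(id -u "$al_user")
        al_sticky=$(printf '%04d' "$(stat -c '%a' "$al_dir")" | cut -c1)
        if [ $((al_sticky & 1)) -eq 0 ] \
           || [ "$al_uid" -eq "$(stat -c '%u' "$al_lock")" ] \
           || [ "$al_uid" -eq "$(stat -c '%u' "$al_dir")" ]; then
            echo removable; return 2
        fi
    fi
    echo locked; return 0
}

# Example run (path and account are placeholders for a real deployment):
# audit_install_lock /var/www/dolibarr/documents www-data
```

The exit code (0 locked, 1 missing, 2 removable) makes the check usable from a post-upgrade script or a monitoring job.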

eldy commented 7 years ago

FR not qualified for security purposes. install.lock is already available for sysadmin, and upgrade is not a process dedicated to an admin user but to a sysadmin user.