I just found out that PSU allow for duplicate roles to be created when dealing with the built-in roles (Administrator, User, Operator, Reader, Execute). The duplicate entries don't appear in the web UI but do appear in the roles.ps1 file. I have not been able to duplicate custom roles with unique names (such as Backup). I'm not sure if there is any functionality impact to the roles.ps1 file having duplicate entries, and if it would cause PSU to freak out, or allow identities/jobs/etc. to be mistakenly assigned a role with the same name a user intended (like thinking it was assigned to the built-in Administrator role but it was really assigned to the custom Administrator role, which may not have the same restrictions, etc.).
Version
4.2.21
Severity
Low
Environment
msi
Steps to Reproduce
I just found out that PSU allow for duplicate roles to be created when dealing with the built-in roles (Administrator, User, Operator, Reader, Execute). The duplicate entries don't appear in the web UI but do appear in the
roles.ps1
file. I have not been able to duplicate custom roles with unique names (such asBackup
). I'm not sure if there is any functionality impact to theroles.ps1
file having duplicate entries, and if it would cause PSU to freak out, or allow identities/jobs/etc. to be mistakenly assigned a role with the same name a user intended (like thinking it was assigned to the built-in Administrator role but it was really assigned to the custom Administrator role, which may not have the same restrictions, etc.).Expected behavior
Actual behavior
Additional Environment data
No response
Screenshots/Animations
No response