Security report on default user role: Difference between revisions
Helen Foster (talk | contribs) m (Tsala moved page report/security/report security check defaultuserrole to Security report on default user role: easier to read title) |
Helen Foster (talk | contribs) (update following MDL-50613) |
||
| (One intermediate revision by one other user not shown) | |||
| Line 7: | Line 7: | ||
If the security overview report shows the default role for all users with status 'Critical' and states that 'The default user role "Authenticated user" is incorrectly defined!' it means that one or more risky capabilities are allowed for the role. | If the security overview report shows the default role for all users with status 'Critical' and states that 'The default user role "Authenticated user" is incorrectly defined!' it means that one or more risky capabilities are allowed for the role. | ||
==Reviewing authenticated user role permissions== | ==Reviewing authenticated user role permissions== | ||
| Line 18: | Line 16: | ||
# Browse the permissions column | # Browse the permissions column | ||
If there is no reason for changing permissions from default | If there is no reason for changing permissions from default, then the role can be reset by clicking the reset button at the top of the page. | ||
After resetting the authenticated user role, the security overview report will show the default role for all users with status OK. | After resetting the authenticated user role, the security overview report will show the default role for all users with status OK. | ||
| Line 25: | Line 23: | ||
* Using Moodle [http://moodle.org/mod/forum/view.php?id=7301 Security and Privacy forum] | * Using Moodle [http://moodle.org/mod/forum/view.php?id=7301 Security and Privacy forum] | ||
[[es:Reporte de seguridad sobre rol del usuario por defecto]] | |||
Latest revision as of 07:31, 28 October 2015
Default role for all users
In general the default role for all users should be set to authenticated user. Normally all permissions for the role of authenticated user should be left as default.
Default user role is incorrectly defined
If the security overview report shows the default role for all users with status 'Critical' and states that 'The default user role "Authenticated user" is incorrectly defined!' it means that one or more risky capabilities are allowed for the role.
Reviewing authenticated user role permissions
The permissions for the role of authenticated user can be reviewed as follows:
- Go to Administration > Site administration > Users > Permissions > Define roles
- In the role column, click the link 'Authenticated user'
- Browse the permissions column
If there is no reason for changing permissions from default, then the role can be reset by clicking the reset button at the top of the page.
After resetting the authenticated user role, the security overview report will show the default role for all users with status OK.
See also
- Using Moodle Security and Privacy forum
