Modèle:Security overview report

Remarque : la traduction de cette page n'est pas terminée. N'hésitez pas à traduire tout ou partie de cette page ou à la compléter. Vous pouvez aussi utiliser la page de discussion pour vos recommandations et suggestions d'améliorations.

Default role for all users

In general the default role for all users should be set to authenticated user. Normally all permissions for the role of authenticated user should be left as default.

Default user role is incorrectly defined

If the security overview report shows the default role for all users with status 'Critical' and states that 'The default user role "Authenticated user" is incorrectly defined!' it means that one or more risky capabilities are allowed for the role.

When mobile web services are enabled on a site (for Moodle Mobile app users), the security overview report shows the default role for all users with status 'Critical' due to the webservice capabilities being allowed for the authenticated user role.

Reviewing authenticated user role permissions

The permissions for the role of authenticated user can be reviewed as follows:

1. Go to Administration > Site administration > Users > Permissions > Define roles
2. In the role column, click the link 'Authenticated user'
3. Browse the permissions column

If there is no reason for changing permissions from default, then the role can be reset by clicking the Reset button at the top of the page.

Fichier:ResetRoleButton.jpg

After resetting the authenticated user role, the security overview report will show the default role for all users with status OK.

Voir aussi

• Forum de discussion Security and Privacy sur Using Moodle (en anglais)
• Discussion à ce sujet (en anglais) : https://moodle.org/mod/forum/discuss.php?d=272769#p1261676