Remove security risk of forceroot

Any user can specificy 'forceroot'. Remove this and rely upon the other method to properly use the 'trusted' role.
2025-10-31 03:12:30 +00:00 · 2018-03-26 15:16:44 -04:00
parent adec07ad99
commit b022936491
1 changed files with 0 additions and 4 deletions
--- a/xCAT-server/lib/xcat/plugins/xdsh.pm
+++ b/xCAT-server/lib/xcat/plugins/xdsh.pm
@@ -639,7 +639,6 @@ sub process_servicenodes_xdcp
        $addreq->{'_xcatdest'} = $::mnname;
        $addreq->{node}        = \@sn;
        $addreq->{noderange}   = \@sn;
-        $addreq->{forceroot}->[0]   = 1;

        # check input request for --nodestatus
        my $args = $req->{arg};    # argument
@@ -1216,9 +1215,6 @@ sub process_request
            $ENV{DSH_FROM_USERID} = $request->{username}->[0];
        }
    }
-    if ($request->{forceroot}) {
-        $ENV{DSH_FROM_USERID} = 'root';
-    }
    if ($command eq "xdsh")
    {
        xdsh($nodes, $args, $callback, $command, $request->{noderange}->[0]);