Feature #19851

Sudo mode: Require password re-entry for sensitive actions (optional)

Added by Jens Krämer almost 9 years ago. Updated almost 9 years ago.

Status: Closed
Priority: Normal
Category: Accounts / authentication
Target version:
Start date:
Due date:
% Done: 0%
Estimated time:
Resolution: Fixed

Description

This patch adds a so-called sudo mode as a safeguard against damage done through hijacked sessions, be it remotely or through physical access to a computer with an existing open Redmine session. A similar feature has been implemented for example by GitHub.

Sudo mode will require the user to re-enter his password before any potentially dangerous action is carried out (see below for the full list). Once the correct password has been entered, the original action will be performed and sudo mode will stay active for at least 15 minutes. Every time another action requiring sudo permissions is invoked, this interval will be reset, so more administrative work can be done without further interruptions. This behaviour is similar to what Unix sudo does.

Full list of things guarded by the patch:

  • editing of account data (my/account) and email addresses
  • displaying the API key, reset of RSS / API keys
  • editing of Project memberships
  • global settings, plugin settings
  • user, group, role, auth source management
  • project deletion

Since actions requiring this additional authentication step are declared in controllers using a simple class method, sudo mode might also easily be used by plugins to protect their own potentially destructive actions.
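As an added Ruby sketch (not code from the attached patch; the class and method names are assumptions for illustration), the following models the two rules described above: the 15-minute window that slides forward on every guarded action, and a controller-level class method that declares which actions are guarded.

```ruby
# Toy model of the sudo-mode rules in this issue (constructed example, not
# the attached patch): a guarded action runs only if the password was
# re-entered within the last 15 minutes, and each guarded action slides
# that window forward. All names here are assumptions for illustration.
class SudoSession
  TIMEOUT = 15 * 60 # seconds the window stays open without sudo activity
  # The clock is injectable so the timeout can be exercised deterministically.
  def initialize(clock: -> { Time.now })
    @clock = clock
    @granted_at = nil
  end
  # Called once the user has re-entered the correct password.
  def grant!
    @granted_at = @clock.call
  end
  def active?
    !@granted_at.nil? && (@clock.call - @granted_at) < TIMEOUT
  end
  # Returns :password_required if the user must re-authenticate first;
  # otherwise runs the block, refreshes the window (as Unix sudo resets its
  # timestamp) and returns :performed.
  def perform_guarded
    return :password_required unless active?
    @granted_at = @clock.call
    yield if block_given?
    :performed
  end
end

# Stand-in for the controller class method the issue mentions; a plugin
# controller would list its own destructive actions the same way.
module SudoGuard
  def self.included(base); base.extend(ClassMethods); end
  module ClassMethods
    def require_sudo_mode(*actions)
      (@sudo_actions ||= []).concat(actions.map(&:to_sym))
    end
    def sudo_actions; @sudo_actions || []; end
  end
  def sudo_required?(action)
    self.class.sudo_actions.include?(action.to_sym)
  end
end

class ProjectsController
  include SudoGuard
  require_sudo_mode :destroy # project deletion is on the guarded list
end
```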

This feature was developed for Planio and we think it would be very nice to have that in Redmine.

Files

20150515_sudo_mode.diff (28.3 KB): patch against current trunk (r14266). Jens Krämer, 2015-05-15 10:52