Community discussions

MikroTik App
 
daviddem
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 62
Joined: Sun Sep 18, 2011 12:16 pm

Script policies incorrectly applied?

Wed Jun 13, 2012 6:21 am

It seems that script policies are incorrectly applied. For example, according to the wiki, the hotspot passwords are considered sensitive information. However, a script without the "sensitive" category granted can still read and display hotspot passwords. See below.
[admin@MikroTik] > /system script add name=TestPolicy policy=read source=":local p [/ip hotspot user get TestUser password];:put \$p"
[admin@MikroTik] > /system script run TestPolicy 
TestPassword
[admin@MikroTik] > 
The only reason for which I am thinking this *could* be valid is whether user's policies supersede script policies. However this is not stated anywhere in the Wiki.
 
daviddem
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 62
Joined: Sun Sep 18, 2011 12:16 pm

Re: Script policies incorrectly applied?

Wed Jun 13, 2012 2:28 pm

Reply to the bug report from Mikrotik support:
Hello,

Thank you for the report, we will fix the problem in the future versions.

Regards,
Maris
--
Come to Training and MUM in Autumn 2012:
India, UAE, USA, China, Indonesia, Australia!
http://mum.mikrotik.com/

Who is online

Users browsing this forum: mbezuidenhout and 22 guests