We check for this weak permission in hook_permission() on D7, we need to do the same for Drupal 8 again. Many people still get this wrong.

Comments

klausi created an issue. See original summary.

  • klausi committed b057a04 on 8.x-2.x 
    feat(RoutingAccessSniff): Add check for weak 'access administration...
klausi’s picture

klausi
he/him||they/them
Primary language German
Location 🇦🇹 Vienna
CreditAttribution: klausi at jobiqo - job board technology commented
Status: Active » Fixed

Committed a check for that.

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.