bug UAC?

[matteolop]

Hi, with a user profile with all prohibited permissions it is still possible to do/open these things:

1. enable/disable "automatic search for updates"
2. access the "info" panel with related machine codes, licenses and other data
3. "enter registration code" opens a window that allows you to paste any text.
4. "Jingle > assign" opens
5. "Tools > Report Generator" opens
6. "broadcasting statistics" opens
7. "set cast title" opens
8. "Play queue" opens
9. "Song request" opens
10. "Merge playlist into one file" opens

I haven't had time to try all the other functions/buttons.

Proposal: wouldn't it be easier to create a single "Lock" button to "fog" or prevent the use of the mouse on RadioBOSS except for the "user switch" area?
I also suggest a "Prevent minimize" option

All these tests were performed with a user, without permissions of any kind and password.
See attached photo.

Best regards

 

[djsoft]

This is not a bug as UAC is designed on a "blacklist" principle - that is, what's not disabled, is allowed to be used (as opposed to "whitelist" principle, where "everything is disabled except for things that are allowed"). We'll add more rules to disable additional areas like song requests or report generator.

 

[matteolop]

I understand. But why does it currently allow access to those things?
What if I wanted to almost completely limit access to RadioBOSS?
How could I do that?

 

[djsoft]

I understand. But why does it currently allow access to those things?
What if I wanted to almost completely limit access to RadioBOSS?
How could I do that?

Initially the point of UAC was to prevent users from accessing certain sensitive areas like modifying the scheduler, playlist generator templates etc.
We'll add more rules to control other areas as well.