Using the setup wizard, default facility / device settings allow an unnecessary level of access from outside the app #106
Comments
dylanmccall
added a commit
that referenced
this issue
Jun 3, 2024
This feature is no longer useful due to improvements to Kolibri's setup wizard. The default settings are more permissive than before, but this is an issue that should be addressed in Kolibri itself: #106
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
If I use the setup wizard in the kolibri-gnome app, Kolibri uses some default facility and device settings. In general, these are fine because the app plugin disables access from other browsers on its own. But I am concerned about:
facility_settings.learner_can_sign_up = TrueWhile this is a good default for Kolibri in general, I don't think it's a good default in this situation, because the promise of an app is it is self-contained. A user might be rather surprised to find that anyone else on the network who knows how to reach Kolibri will be able to create a learner account for as long as the app is running.
Instead, we should consider overriding this so Kolibri as an app is more self-contained. But ideally this is work that happens in Kolibri itself, perhaps with an addition to options.ini.
The text was updated successfully, but these errors were encountered: