diff options
author | Max Kellermann <max@duempel.org> | 2011-02-27 23:35:00 +0100 |
---|---|---|
committer | Max Kellermann <max@duempel.org> | 2011-02-27 23:35:00 +0100 |
commit | 2abad0f479e434b741d9564bf6b9afc95d7e5891 (patch) | |
tree | d158fc56d62ee571c9ebdc8898a6ded05a1e8069 /src/command.c | |
parent | 2fb40fe728ac07574808c40034fc0f3d2254d49d (diff) | |
download | mpd-2abad0f479e434b741d9564bf6b9afc95d7e5891.tar.gz mpd-2abad0f479e434b741d9564bf6b9afc95d7e5891.tar.xz mpd-2abad0f479e434b741d9564bf6b9afc95d7e5891.zip |
command: "update" and "rescan" need only "CONTROL" permission
From http://bugs.debian.org/513291
"In mpd.conf, the "admin" permission covers updating the db and
killing mpd.
"Since there are quite some usecases in which the user can upload
music to the mpd's directory by means of anonymous FTP or so, it is
desirable that any user may issue a db update, while killing the mpd
should not be possible.
"I'd suggest to remove the db update from the admin group and either
add it to "control" or an own group."
Diffstat (limited to 'src/command.c')
-rw-r--r-- | src/command.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/command.c b/src/command.c index aeed55a1b..03d48a38a 100644 --- a/src/command.c +++ b/src/command.c @@ -2070,7 +2070,7 @@ static const struct command commands[] = { handle_replay_gain_mode }, { "replay_gain_status", PERMISSION_READ, 0, 0, handle_replay_gain_status }, - { "rescan", PERMISSION_ADMIN, 0, 1, handle_rescan }, + { "rescan", PERMISSION_CONTROL, 0, 1, handle_rescan }, { "rm", PERMISSION_CONTROL, 1, 1, handle_rm }, { "save", PERMISSION_CONTROL, 1, 1, handle_save }, { "search", PERMISSION_READ, 2, -1, handle_search }, @@ -2091,7 +2091,7 @@ static const struct command commands[] = { { "swapid", PERMISSION_CONTROL, 2, 2, handle_swapid }, { "tagtypes", PERMISSION_READ, 0, 0, handle_tagtypes }, { "unsubscribe", PERMISSION_READ, 1, 1, handle_unsubscribe }, - { "update", PERMISSION_ADMIN, 0, 1, handle_update }, + { "update", PERMISSION_CONTROL, 0, 1, handle_update }, { "urlhandlers", PERMISSION_READ, 0, 0, handle_urlhandlers }, }; |