IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity

Docs: Update phrasing line 35 (#22152)

Browse Source 
Idea is to provide information to the user that query can be executed on any data source that is available in grafana, therefore suggested little modification
This commit is contained in:
Mohit Nain 2020-02-14 00:04:58 +05:30 committed by GitHub
parent 63d999a739
commit 4f94a4c495
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docs/sources/installation/security.md
View File

@ -32,7 +32,7 @@ Require all network requests being made by Grafana to go through a proxy server.
## Limit Viewer query permissions
Users with the Viewer role can enter *any possible query* in *all* data sources available in the **organization**, not just the queries that are defined on the dashboards for which the user has Viewer permissions.
Users with the Viewer role can enter *any possible query* in *any* of the data sources available in the **organization**, not just the queries that are defined on the dashboards for which the user has Viewer permissions.
**For example:** In a Grafana instance with one data source, one dashboard, and one panel that has one query defined, you might assume that a Viewer can only see the result of the query defined in that panel. Actually, the Viewer has access to send any query to the data source. With a command-line tool like curl (there are lots of tools for this), the Viewer can make their own query to the data source and potentially access sensitive data.