Hi, I'm trying to prevent access to shell:exec from the console to try and harden my karaf install.
I can revoke access from an admin user with "config:property-set -p org.apache.karaf.command.acl.shell exec uberadmin". I can also prevent the user from using config:property-set from restoring the permissions. What I can't seem to do is prevent an admin user from restoring permissions via the web console's Configuration gui. I want to permit remote access to the web console, but I don't want to give users the ability to run arbitrary commands on the server. Thanks, Paul
