Skip to content

What problem could Box solve for you?

← Help shape the future of Box

Disallow group admin from elevating group permission from admin console above their collaboration access

Currently if a group admin is individually invited to a folder as a viewer, the group admin can add the folder to a group as editors.

5 votes
AdminModerator (@ Box, Box) shared this idea  ·   ·  Report…  ·  Admin →
delivered  ·  katiele responded  · 

We have removed the ability for group admins to elevate access levels to folders. This has been shipped and is available in production.

Comments are closed An error occurred while saving the comment
  • Frederic Breard commented  ·   ·  Report

    We are facing the same problem at a major Box client (20K seats).
    We are intensively using groups and group admins and this issue creates a huge security breach.
    This should not be considered as a suggestion for a new feature but as a major security risk which request an urgent fix.

    Regards
    FB

    This is a major issue that impact directly the security of Box.

  • AdminKoji Shiraishi (Admin, Box) commented  ·   ·  Report

    If the user account of Group Admin is invited as a Viewer (or whatever access level lower than Editor), she should not be able to change this.

    However, Group Admin can edit this access level by going to group settings, and edit a shared folder of the group

Help shape the future of Box: Admin Console

Categories

Feedback and Knowledge Base

(thinking…)

By entering and viewing this page, you agree to be bound by (1) UserVoice Terms of Service and the (2) Box Community Terms of Use. In the event of a direct conflict between the foregoing terms of service with respect to the Box Community Guidelines, Feedback and Suggestions, the Box Community Terms of Use shall take precedence as between you and Box.