From c14e006a01b4674e53adcf94818c0d5a87fc3220 Mon Sep 17 00:00:00 2001
From: Timo Pollmeier <timo.pollmeier@greenbone.net>
Date: Mon, 27 Apr 2020 13:51:29 +0200
Subject: [PATCH 1/3] Send host_allow preference if user hosts is empty

This makes it possible to forbid users to scan any hosts.
---
 src/manage.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/manage.c b/src/manage.c
index 1b613d0ed..16b9ea182 100644
--- a/src/manage.c
+++ b/src/manage.c
@@ -1880,7 +1880,7 @@ send_hosts_access_preferences (void)
   hosts = user_hosts (current_credentials.uuid);
   hosts_allow = user_hosts_allow (current_credentials.uuid);
 
-  if (hosts && strlen (hosts))
+  if (hosts_allow || (hosts && strlen (hosts)))
     {
       char *pref;
 
@@ -1894,7 +1894,7 @@ send_hosts_access_preferences (void)
           return 0;
         }
 
-      if (sendf_to_server ("%s <|> %s\n", pref, hosts))
+      if (sendf_to_server ("%s <|> %s\n", pref, hosts ? hosts : ""))
         {
           g_free (hosts);
           return -1;

From dfca6928c6e7700acb44ed3a57e67d1cca70c917 Mon Sep 17 00:00:00 2001
From: Timo Pollmeier <timo.pollmeier@greenbone.net>
Date: Mon, 27 Apr 2020 14:01:15 +0200
Subject: [PATCH 2/3] Send ifaces_allow preference if ifaces is empty

This makes it possible to forbid users to access any inferfaces.
---
 src/manage.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/manage.c b/src/manage.c
index 16b9ea182..d6e3a789a 100644
--- a/src/manage.c
+++ b/src/manage.c
@@ -1842,7 +1842,7 @@ send_ifaces_access_preferences (void)
   ifaces = user_ifaces (current_credentials.uuid);
   ifaces_allow = user_ifaces_allow (current_credentials.uuid);
 
-  if (ifaces && strlen (ifaces))
+  if (ifaces_allow || (ifaces && strlen (ifaces)))
     {
       char *pref;
 
@@ -1856,7 +1856,7 @@ send_ifaces_access_preferences (void)
           return 0;
         }
 
-      if (sendf_to_server ("%s <|> %s\n", pref, ifaces))
+      if (sendf_to_server ("%s <|> %s\n", pref, ifaces ? ifaces : ""))
         {
           g_free (ifaces);
           return -1;

From 996c5d61b5c1a303b3e76b8ccb901d3c43258fe3 Mon Sep 17 00:00:00 2001
From: Timo Pollmeier <timo.pollmeier@greenbone.net>
Date: Mon, 27 Apr 2020 14:57:52 +0200
Subject: [PATCH 3/3] Add preference changes to CHANGELOG

---
 CHANGELOG.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 02dccdf44..00d11d479 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -23,6 +23,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 - Update SCAP and CERT feed info in sync scripts [#808](https://github.com/greenbone/gvmd/pull/808)
 - Count only best OS matches for OS asset hosts [#1027](https://github.com/greenbone/gvmd/pull/1027)
 - New Community Feed download URL in sync tools [#1043](https://github.com/greenbone/gvmd/pull/1043)
+- Do not ignore empty hosts_allow and ifaces_allow [#1062](https://github.com/greenbone/gvmd/pull/1062)
 
 ### Fixed
 - Allow to migrate gvmd 8 sqlite3 database to postgres with gvm-migrate-to-postgres script