[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#3639) Inconsistent access checking in back-shell?

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#3639) Inconsistent access checking in back-shell?
From: ando@sys-net.it
Date: Fri, 8 Apr 2005 19:41:44 GMT

ando@sys-net.it wrote:

>OK. p.
>  
>

On a related note: back-dnssrv is returning referrals, or referral 
entries when the manageDSAit control is used, but no access control is 
performed.  I guess we should add the capability to control what is 
returned (which is already provided for entries by the frontend, but 
none is in place with respect to referrals or search references), and 
also the capability to control who can access the feature, by checking 
for "search" access to a dummy object representing the searchBase.  This 
may be of use when a dnssrv request is issued with respect to a DSA that 
can auth users, say, stored in a local database before they access the 
dnssrv service.

p.

    SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497

Prev by Date: Re: (ITS#3639) Inconsistent access checking in back-shell?
Next by Date: Re: (ITS#3635)
Index(es):
- Chronological
- Thread