[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACLs broken by ITS#5419

To: openldap-its@OpenLDAP.org
Subject: Re: ACLs broken by ITS#5419
From: hyc@symas.com
Date: Mon, 24 Mar 2008 23:28:13 GMT

rein@basefarm.no wrote:
> Full_Name: Rein Tollevik
> Version: CVS head
> OS: linux, solaris
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (84.215.2.34)
>
>
> The change to servers/slapd/backend.c for ITS#5416 seem to have broken the
> ability for group and set statements in access control lines to refer to entries
> outside the backend currently being operated on.

That ability was never intended in the first place. Historically, backends in 
slapd have been treated as isolated DSAs with no connection to each other. 
They've required special mechanisms (like back-relay or slapo-glue) to be joined.
-- 
   -- Howard Chu
   Chief Architect, Symas Corp.  http://www.symas.com
   Director, Highland Sun        http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP     http://www.openldap.org/project/

Prev by Date: ACLs broken by ITS#5419
Next by Date: Re: ACLs broken by ITS#5419
Index(es):
- Chronological
- Thread