[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: R: Enforcing attribute ACL on add operations

To: ando@sys-net.it (Pierangelo Masarati)
Subject: Re: R: Enforcing attribute ACL on add operations
From: manu@netbsd.org (Emmanuel Dreyfus)
Date: Sat, 27 Sep 2008 19:27:57 +0200
Cc: openldap-devel@openldap.org
In-reply-to: <506062.48651222533605113.JavaMail.root@mail2.sys-net.it>
User-agent: MacSOUP/2.7 (unregistered for 617 days)

Pierangelo Masarati <ando@sys-net.it> wrote:

> See ITS#4556 for discussion.

So this is not considered a security hole. But as far as I understand,
anyone that is allowed to add an entry anywhere can add a user with
random privileges. Did I miss something here? Can that be avoided?

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@netbsd.org

Follow-Ups:
- R: Re: R: Enforcing attribute ACL on add operations
  - From: Pierangelo Masarati <ando@sys-net.it>

References:
- R: Enforcing attribute ACL on add operations
  - From: Pierangelo Masarati <ando@sys-net.it>

Prev by Date: R: Enforcing attribute ACL on add operations
Next by Date: R: Re: R: Enforcing attribute ACL on add operations
Index(es):
- Chronological
- Thread