[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Tests works fine - still not working when installed... - 2.3.7





--On Monday, September 26, 2005 5:46 PM -0700 Olaf Beck <olaf_sc@yahoo.com> wrote:

# Sample Access Control
#       Allow read access of root DSE
#       Allow self write access
#       Allow authenticated users read access
#       Allow anonymous users to authenticate
#
# access to * by *
access to * by self write
access to * by * read
access to * by anonymous read

You obviously don't understand ACL's, given the above. It looks to me like the server is acting exactly the way you told it to.


ACL's are applied as they are encountered, and stop at the first matching ACL. That means the only ACL *ever* evaluated above is:

access to * by self write


I think what you *really* are looking for here is:

access to *
	by self wite
	by * read


Which is the correct equivalent to what you wrote. Note that the above ACL set will expose user passwords if you have them in the database, so is not particularly secure.


--Quanah


-- Quanah Gibson-Mount Principal Software Developer ITSS/Shared Services Stanford University GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html

"These censorship operations against schools and libraries are stronger
than ever in the present religio-political climate. They often focus on
fantasy and sf books, which foster that deadly enemy to bigotry and blind
faith, the imagination." -- Ursula K. Le Guin