[Date Prev][Date Next]
Re: access control 'set=' problem (ITS#3140)
> I think I got it: the function that evaluates if a set matches
> calls aci_match_set(), which on turn calls backend_attribute()
> to access the specific attribute that's used by the set in a
> backend-independent manner. This function has been recently
> reworked to only access those attributes that can be actually
> accessed by the requester, i.e. it assesses access permission
> as well, causing the andless recursion I mentioned earlier.
> I think a solution would be to specialize backend_attribute to
> skip ACL check on certain calls. I'll have a look at it.
It should now be fixed in HEAD; please test. Thanks for reporting
SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497