[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#3532) test006-acls: warning: cannot assess the validity of the ACL scope within backend naming context

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#3532) test006-acls: warning: cannot assess the validity of the ACL scope within backend naming context
From: h.b.furuseth@usit.uio.no
Date: Tue, 30 Aug 2005 19:37:09 GMT

Pierangelo Masarati writes:
> Works as intended.  (...)  For instance,
> access to *
>     by * read
> can appear anywhere, but it's not quite good inside a
> backend because it also scopes outside.

I don't understand.  Can an ACL inside a database definition
sometimes be applied to data outside that database?  Or
maybe I should ask, data outside that database's suffix?

Please document the pitfalls of not including a DN in all of
a database's ACLs (or explain it and I'll document it:-).
I don't like to not understand what I'm fixing when I shut
up a warning, nor leaving a warning like that alone.

-- 
Hallvard

Prev by Date: Re: (ITS#3988) Slapd crashing randomly after a failed bind
Next by Date: (ITS#3989) syncprov core dumps when combined with uniqueness overlay
Index(es):
- Chronological
- Thread