[Date Prev][Date Next]
Re: (ITS#3532) test006-acls: warning: cannot assess the validity of the ACL scope within backend naming context
Pierangelo Masarati writes:
> Works as intended. (...) For instance,
> access to *
> by * read
> can appear anywhere, but it's not quite good inside a
> backend because it also scopes outside.
I don't understand. Can an ACL inside a database definition
sometimes be applied to data outside that database? Or
maybe I should ask, data outside that database's suffix?
Please document the pitfalls of not including a DN in all of
a database's ACLs (or explain it and I'll document it:-).
I don't like to not understand what I'm fixing when I shut
up a warning, nor leaving a warning like that alone.