[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: (ITS#4759) aci comptibilty to V2.1; multiple attrs

> I have no objection at accepting this code, since it seems to 
> create no backwards compatibility issues but rather solves a 
> (irrelevant?) compatibility issue with an ancient version of 
> the code in an area that I believe to be of questionable 
> usefulness.  

At least it had help me by upgrading a bunch of servers from 2.1 which used
this feature.

> In fact, ACIs have been deprecated ever since, 
> so I wouldn't spend too much time with them.  If there's no 
> IPR issues (as, for what I can tell, there appear to be 
> none), I'd try to apply the patch to HEAD code.


We use ACI, because we have a setup where we replicate different parts of
the tree to different slave ldap servers. By using ACI's the access
information get's replicated too. To get the same behaviour with ACL's it
would be much more compilcated, because we would need to sort out which
ACL's to replicate and which not, because not simply subtrees are replicated
(we cannot simply replicate all ACL's because this would leak too much

>From this point of view ACI are quite usefull, at least for us.


** Virus checked by BB-5000 Mailfilter **