[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#5312) ldapmodify(1) man page claims that "changetype:" not necessary

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#5312) ldapmodify(1) man page claims that "changetype:" not necessary
From: hyc@symas.com
Date: Wed, 9 Jan 2008 14:35:36 GMT

Hallvard B Furuseth wrote:
> Changing the -devel thread's example a bit, I'd say 2.3 accepted one
> dangerous bug, one unambigious but possibly misleading format (a modify
> record both with and witout "add/delete/replace: attribute" lines), and
> one safe format (changetype: modify but no add/delete/replace"):

No. If you (foolishly or unluckily) have attributes in your schema named 
"add", "delete", or "replace" then in <=2.3 you are completely hosed. There 
are no unambiguous or safe cases in these malformed inputs.

> OTOH it would be an LDIF-compatible extension to make the attribute
> description in "attribute: value" optional after "add/replace/delete:
> attribute".  Then one could omit the terminating "-" too.

Likewise, this is unsafe.

> Maybe it's time to take this to the ldapext list and hear what others
> do.
-- 
   -- Howard Chu
   Chief Architect, Symas Corp.  http://www.symas.com
   Director, Highland Sun        http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP     http://www.openldap.org/project/

Prev by Date: Re: (ITS#5312) ldapmodify(1) man page claims that "changetype:" not necessary
Next by Date: Re: (ITS#5312) ldapmodify(1) man page claims that "changetype:" not necessary
Index(es):
- Chronological
- Thread