[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#7795) "manage" access right needs better description

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#7795) "manage" access right needs better description
From: pierangelo.masarati@polimi.it
Date: Fri, 31 Jan 2014 17:09:22 GMT
Auto-submitted: auto-generated (OpenLDAP-ITS)

On 01/31/2014 05:49 PM, quanah@OpenLDAP.org wrote:
> Full_Name: Quanah Gibson-Mount
> Version: 2.4.39
> OS: Linux 2.6
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (75.111.58.125)
>
>
> The documentation in the Admin guide and the man pages for the "manage" ACL
> setting has virtual no documentation.  The only definitive statement is a very
> vague:
>
> " thus manage grants all access including administrative access"
>
> What does administrative access mean?

It allows write when write is granted and the "relax" control is 
present.  In practice, those who have "manage" access can perform those 
normally "prohibited" operations described in draft-zeilenga-ldap-relax.

p.

-- 
Pierangelo Masarati
Associate Professor
Dipartimento di Scienze e Tecnologie Aerospaziali
Politecnico di Milano

Prev by Date: (ITS#7795) "manage" access right needs better description
Next by Date: Re: (ITS#7795) "manage" access right needs better description
Index(es):
- Chronological
- Thread