[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#7795) "manage" access right needs better description

On 01/31/2014 05:49 PM, quanah@OpenLDAP.org wrote:
> Full_Name: Quanah Gibson-Mount
> Version: 2.4.39
> OS: Linux 2.6
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (
> The documentation in the Admin guide and the man pages for the "manage" ACL
> setting has virtual no documentation.  The only definitive statement is a very
> vague:
> " thus manage grants all access including administrative access"
> What does administrative access mean?

It allows write when write is granted and the "relax" control is 
present.  In practice, those who have "manage" access can perform those 
normally "prohibited" operations described in draft-zeilenga-ldap-relax.


Pierangelo Masarati
Associate Professor
Dipartimento di Scienze e Tecnologie Aerospaziali
Politecnico di Milano