[Date Prev][Date Next]
Re: (ITS#7795) "manage" access right needs better description
On 01/31/2014 05:49 PM, quanah@OpenLDAP.org wrote:
> Full_Name: Quanah Gibson-Mount
> Version: 2.4.39
> OS: Linux 2.6
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (126.96.36.199)
> The documentation in the Admin guide and the man pages for the "manage" ACL
> setting has virtual no documentation. The only definitive statement is a very
> " thus manage grants all access including administrative access"
> What does administrative access mean?
It allows write when write is granted and the "relax" control is
present. In practice, those who have "manage" access can perform those
normally "prohibited" operations described in draft-zeilenga-ldap-relax.
Dipartimento di Scienze e Tecnologie Aerospaziali
Politecnico di Milano