[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Shell backend, modify method, ACL

> Yes, to properly evaluate ACLs, one needs a complete copy of
> entry.

  Ok, that is because the <who> part of an ACL can be computed from
the attributes of the entry, isn't it ?

  So a more correct (and complex) method may be to ask the shell-backend
to find the entry (sending a SEARCH request) then evaluate the ACL and only
then send a MODIFY request (for allowed modifications).

  Is there another flaw in this method ?