[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#3472) return code should be 32 when no access to object

At 05:40 AM 1/11/2005, Pierangelo Masarati wrote:
>Of course, all my dscussion about write operations may sound academic, because writes need authentication; I guess we better focus on reads right now.

Not academic at all.

If an add fails for some reason, such as the parent object not
existing, the server has to decide what value to return as
matchedDN.  If the user doesn't have "disclose" permission on
the nearest superior, then matchedDN should be empty.

> Another note is: we don't check entry access for compares;
>this means that a compare should return noSuchObject as well if no disclose is granted for that entry, otherwise attackers could exploit it.

If the compare fails for some reason, then we need to
decide what we can or cannot disclose.  In doing this,
we may need to look at "disclose" on the target attribute,
"disclose" on the entry, and possibly "disclose" on the
nearest superior entry.

>   SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497