[Date Prev][Date Next]
Re: does back-sql bypass ACL ?
Thomas Cramer <firstname.lastname@example.org> writes:
> I can't totally recall without looking at the code (maybe Kurt knows
> better), but the access atributes are controlled by the "core" part of
It seems to be true for reading operation only no for others for example:
in function backsql_add:
it verifies if:
- dn is valid
- objectclass exists.
- "create procedure" exists for the sgbd.
After, this function get a connection to the sgbd and calls the
"add" procedure of the sgbd. It do not see any acl verificiation.
I imagine that no verifications are made before calling this function
since this is here that validities of dn and objectclass are
checked. Maybe i am wrong.