[Date Prev][Date Next]
Re: schema definition precedence
Frank Swasey wrote:
Another example is uid, which is a security hole the size of Texas --
allowing substring matches so spammers can grab all your addresses! If
you want to use uid (and not have to redefine [like I am about to] every
objectClass that uses uid), you HAVE to modify it to remove substring
searches or you become a spam magnet.
Nope. That's a matter of proper access control and indexing/limit settings,
hence a matter of server configuration not schema design.