[Date Prev][Date Next]
sizelimit evaluated before ACLs?
I'm sorry if this has already been discussed, but I can't seem to find
such a thread in the archives...
With OL 2.2.29 it looks to me like the sizelimit specified by a client
search is evaluated after the ACLs on the server side, so that if a client
specifies a sizelimit of 10 and receives 8 results, it may be obvious that
2 entries matched the filter but failed the ACL check, disclosing perhaps
more information than the directory maintainers would like.
Is this expected/intended behavior?
Eric Irrgang - UT Austin ITS Unix Systems - (512)475-9342