[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: role based authorization -> dynacl module?

To: Michael Ströder <michael@stroeder.com>
Subject: Re: role based authorization -> dynacl module?
From: Shawn McKinney <smckinney@symas.com>
Date: Tue, 24 Apr 2018 14:52:00 -0500
Cc: openldap-technical@openldap.org
In-reply-to: <78232da5-43e7-6589-0154-2305dbaf0e5f@stroeder.com>
References: <feb332f1-c05d-ba57-3d3b-63887434d6f9@univention.de> <608426fe-1bea-9a7d-79a8-cfc8aa89760c@symas.com> <225da806-bcb2-502d-3f28-a62bd265a64e@stroeder.com> <78232da5-43e7-6589-0154-2305dbaf0e5f@stroeder.com>

> On Apr 24, 2018, at 10:28 AM, Michael Ströder <michael@stroeder.com> wrote:
> 
> Ah, forgot to make that more clear (and people tend to miss that point):
> 
> Æ-DIR's ACLs are _static_ and work their way through the actual data
> which is changed to alter the effective access rights.

+1 to static ACL’s to guard the directory and storing the access lists as data instead.

References:
- role based authorization -> dynacl module?
  - From: Daniel Tröder <troeder@univention.de>
- Re: role based authorization -> dynacl module?
  - From: Howard Chu <hyc@symas.com>
- Re: role based authorization -> dynacl module?
  - From: Michael Ströder <michael@stroeder.com>
- Re: role based authorization -> dynacl module?
  - From: Michael Ströder <michael@stroeder.com>

Prev by Date: Re: role based authorization -> dynacl module?
Next by Date: Re: slapadd not adding some of the roleoccupent entries
Index(es):
- Chronological
- Thread