[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#8057) slapo-unique can be bypassed by anyone

Full_Name: Ondrej Kuznik
Version: master
URL: ftp://ftp.openldap.org/pub/Ondrej-Kuznik-20150214-ITS-8057-uniqueness-ACL.patch
Submission from: (NULL) (

This is caused by my fix for #6641. Since anyone can specify the manageDSAit
control on an operation it is trivial to bypass the uniqueness check as it

The above patch is derived from OpenLDAP Software. All of the
modifications to OpenLDAP Software represented in the above patches
were developed by Ondrej Kuznik <ondra@mistotebe.net>. I have not
assigned rights and/or interest in this work to any party. 

I, Ondrej Kuznik, hereby place the above modifications to OpenLDAP
Software (and only these modifications) into the public domain. Hence,
these modifications may be freely used and/or redistributed for any
purpose with or without attribution and/or other notice.