[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#3625) [enhancement] per-operation ACLs

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#3625) [enhancement] per-operation ACLs
From: ando@sys-net.it
Date: Fri, 1 Apr 2005 20:16:40 GMT

ando@sys-net.it wrote:

>I'll prepare a prototype in a moment.
>  
>
The patch is @ 
<ftp://ftp.openldap.org/incoming/pierangelo.masarati.per-op-acl-2005-04-01.patch>

Syntax:

access to [...] op=[!]<oplist>
    by ...
where <oplist> is a comma-separated list of "compare", "search" (same as 
"read"), "add", "delete", "modify", "rename" (same as "write"), "bind", 
"extended".  I haven't considered "unbind" and "abandon", because they 
seem to make little sense, nor specialized "extended" to the known ops 
because this is just to get the feeling.

Please comment.

Ciao, p.


    SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497

Prev by Date: Re: (ITS#3625) [enhancement] per-operation ACLs
Next by Date: Re: (ITS#3612) Segfault in libraries/libldap/result.c
Index(es):
- Chronological
- Thread