[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
(ITS#3639) Inconsistent access checking in back-shell?
Full_Name: Pierangelo Masarati
Version: HEAD/2.3/2.2
OS: Linux (whitebox)
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (81.72.89.40)
There appears to be an inconsistency between the behavior of back-shell and that
of all the remaining backends with respect to access checking for the modify
operation; back-shell appears to check for write permission to the entry
pseudo-attribute before attempting to send modifications to the underlying
script. In general, access checking is pretty loose in preparing write
operations for back-shell, but this may be regarded as necessary because of its
intrinsic design limitations. However, the highlighted behavior appears to be
more over-restrictiveand inconsistent.
p.