[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
ACLs for add, delete, modrdn LDBM operations
I've been digging around our ldbm add/delete codes and I found
that we require parent write access to attr "children" add a child
entry but we do not require parent write access to delete same.
I believe write permission to the entry should only allow the
entry itself to be modified, but not deleted or modrdn'ed.
Unless I'm missing somthing, modrdn doesn't appear to do any
acl enforcement. I believe we should require permission to
write to the parent's "children" attr to change the rdn of a
child.
Comments?
Kurt