[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: acis for public access



BTW, please submit all patches you like considered for
incorporation into OpenLDAP via our Issue Tracking System <http://www.openldap.org/its/> per our contributing
guidelines <http://www.openldap.org/devel/contributing.html>.


At 11:18 AM 9/3/00 +0200, Michael Weiser wrote:
>Hi,
>
>I'm just playing around with aci support in latest OpenLDAP cvs.
>Therefore I read the mailinglist-archives as well as
>draft-ietf-ldapext-acl-model-0[346].txt. Since OpenLDAP for now only
>supports pieces of revision 04 but I need the functionality of making
>attributes public, means giving access to anonymous users, which got
>introduced in revision 06, I patched the aci support a bit to allow
>just that. Therefore I introduced a <dnType> of "public", which
>ignores the <subjectDN> and just grants whatever right is given by
><rights>.
>
>So I just want to commit what I done and here the gurus' opinion if
>there's any oversight or complete misunderstanding which opens
>security holes.
>
>In which direction is aci support going to be developed anyway? Will
>future drafts or an RFC get implemented or is OpenLDAP going to
>provide its own syntax? Is development done at all?
>
>Thanks for your great work so far!
>-- 
>bye, Michael