
Re: (ITS#3480) back-sql and ACL issues



[diverted to -devel]

> In most cases, ACL checking features can only be partially exploited
> within back-sql, because only the essential portions of the entries are
> computed for each operation before calling access_allowed().  As a
> consequence, access clauses like "dnattr" and so cannot be used if the
> appropriate attribute values have not been collected.  A side effect is
> that the requested attribute types/values affect access to the same entry.

I'm not too keen on forcing back-sql to always generate the entire
entry, at least for searches.

I'm considering the opportunity to do so for updates, for security
concerns, and to provide either:

1) a configuration statement that forces the full generation of the entire
entry also for searches, to be used when one decides to implement access
control based on the target's content; or

2) a configuration statement that allows listing the attributes that
should always be requested in addition to those specific to an operation,
so administrators can provide hints to help access control.

Implementing both could be a further option.

Comments?

p.

-- 
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it


    SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497
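
The side effect described in the quoted report, and the effect of the two proposed remedies, shown as an added example that is not part of the original message and is not OpenLDAP code. It is a simplified model of a "dnattr"-style check run against a partially built entry; the entry data, the function names and the `always_fetch` / `full` options are hypothetical.

```python
# Simplified model (not OpenLDAP code) of a dnattr-style access check
# evaluated against an entry that was only partially built from SQL.

# Constructed sample entry as the backend could fully materialise it.
FULL_ENTRY = {
    "dn": "cn=staff,ou=groups,dc=example,dc=com",
    "cn": ["staff"],
    "description": ["Staff group"],
    "owner": ["cn=alice,dc=example,dc=com"],
}
ALICE = "cn=alice,dc=example,dc=com"  # constructed requester DN


def build_entry(requested, always_fetch=(), full=False):
    """Build only what the operation needs, plus any configured hints.

    always_fetch models proposal 2 (attributes always requested);
    full models proposal 1 (generate the whole entry).
    Both option names are hypothetical.
    """
    if full:
        return dict(FULL_ENTRY)
    wanted = set(requested) | set(always_fetch)
    entry = {"dn": FULL_ENTRY["dn"]}
    entry.update({a: v for a, v in FULL_ENTRY.items() if a in wanted})
    return entry


def dnattr_allows(entry, attr, requester_dn):
    """Grant access when the requester's DN is a value of attr in the entry."""
    values = entry.get(attr, [])  # attribute not collected: no values to match
    return requester_dn.lower() in (v.lower() for v in values)


def search_access(requester_dn, requested, **build_opts):
    """Decision of a dnattr=owner rule for a search asking for `requested`."""
    entry = build_entry(requested, **build_opts)
    return dnattr_allows(entry, "owner", requester_dn)


if __name__ == "__main__":
    cases = [
        ("search for cn only", ["cn"], {}),
        ("search for cn and owner", ["cn", "owner"], {}),
        ("cn only, owner always fetched", ["cn"], {"always_fetch": ["owner"]}),
        ("cn only, full entry built", ["cn"], {"full": True}),
    ]
    for label, requested, opts in cases:
        print(f"{label}: granted={search_access(ALICE, requested, **opts)}")
```
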