[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: deleting ACL

To: Pierangelo Masarati <masarati@aero.polimi.it>
Subject: Re: deleting ACL
From: Alejandra Moreno <alejandra.moreno@atrete.ch>
Date: Mon, 14 Jan 2002 15:46:41 +0100
Cc: openldap-software@OpenLDAP.org
In-reply-to: <200201141405.g0EE5Pn11796@server.aero.polimi.it>
References: <Xns919697699E9C2dtiefniginfonova@192.168.9.70>

Yes, that's what I meant (sorry if I was not clear!), and yes I thought there was no way to separate from add/delete from modify permissions at the attribute level. However, could I specify a single user to add/delete? How can I do that?

At 15:05 14.01.2002 +0100, you wrote:

>
> Alejandra Moreno wrote...:
>
> > but this way you don't distinguish between writing and deleting!
>
> please _read_ my answers.

Maybe she means to distinguish between ADDING/DELETING and MODIFYING
an attribute instead of an entry. Alejandra should clarify her needs.

Daniel's answer is definitely correct, i.e. modify access to an entry
can be given without giving add/delete permission; however modify
access to an entry implies the ability to add and delete single
attributes (according to schema issues, of course). I think there's
no way to separate add/delete from modify permissions at the attribute
level.

Pierangelo.

______________________________________________________________________
Alejandra Moreno Espinar
at rete ag

mailto:alejandra.moreno@atrete.ch, http://www.atrete.ch
snail mail: Oberdorfstrasse 2, P.O. Box 674, 8024 Zurich, Switzerland
voice: +41-1-266 55 55, direct: +41-1-266 55 91, fax: +41-1-266 55 88
_____________________________________________________________________

Follow-Ups:
- Re: deleting ACL
  - From: Pierangelo Masarati <masarati@aero.polimi.it>

References:
- Re: deleting ACL
  - From: Daniel Tiefnig <openldap@qmail.infonova.at>
- Re: deleting ACL
  - From: Pierangelo Masarati <masarati@aero.polimi.it>

Prev by Date: RE: Backup && Restore
Next by Date: AW: Backup && Restore
Index(es):
- Chronological
- Thread