[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACL for only creating entry



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



> This rule is totally unnecessary.  It has nothing to do with
> access to users, i.e entries below "ou=users,dc=theoretic,dc=com.

See other mail.

>
> With the first rule on top you gave webregister write access
> only to the "entry" meta-attribute, which is totally meaningless.

Thank you!
It's not so meaninless in my experience !
But then again, I get fooled unlimitless by ACL's.

>
> Then webregister will have write access only below the
> "ou=users,dc=example,dc=com" subtree.

That's NOT the goal!
The goal is that webregister can write something and then later NOT read it.

I believe it's possible, from my experiments - however, I don't understand the 
theory behind it. If you can debunk the theory, I'd be glad - but please do 
it with 'exact science' ;-)

website: http://www.suares.nl * http://www.qwikzite.nl
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2-rc1-SuSE (GNU/Linux)

iD8DBQE/3addy7boE8xtIjURAriHAKC1J2q44lrBEmGMtwaebGpcc8DDUgCdHgLG
BD5S4mdhhbw3viPpay4/1k0=
=ZHa1
-----END PGP SIGNATURE-----