[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Am I still struggling with ACLs?



At 12:17 PM 7/16/2004, Quanah Gibson-Mount wrote:


>--On Friday, July 16, 2004 2:53 PM -0400 Josiah Ritchie <jritchie@bible.edu> wrote:
>
>>// I'm using the following ACLs:
>>
>>access to attr=userPassword
>>        by dn.base="cn=Manager,dc=cougarnet,dc=bible,dc=edu" write
>>        by group.exact="cn=Domain 
>Admins,ou=Groups,dc=cougarnet,dc=bible,dc=edu" write
>>        by self write
>>        by anonymous auth
>>        by * none break
>
>How about by * break

or just drop the clause (and rely on the implicit "by * none stop").
The break causes access for the remainder of the subjects
(e.g., *) to be dependent on subsequent access directives,
which seems pointless in this case.


>>access to *
>>        by dn.base="cn=Manager,dc=cougarnet,dc=bible,dc=edu" write
>>        by group.exact="cn=Domain 
>Admins,ou=Groups,dc=cougarnet,dc=bible,dc=edu" write
>>        by self write
>>        by * read
>
>
>--Quanah
>
>--
>Quanah Gibson-Mount
>Principal Software Developer
>ITSS/Shared Services
>Stanford University
>GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html