[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Am I still struggling with ACLs?
At 12:17 PM 7/16/2004, Quanah Gibson-Mount wrote:
>--On Friday, July 16, 2004 2:53 PM -0400 Josiah Ritchie <jritchie@bible.edu> wrote:
>
>>// I'm using the following ACLs:
>>
>>access to attr=userPassword
>> by dn.base="cn=Manager,dc=cougarnet,dc=bible,dc=edu" write
>> by group.exact="cn=Domain
>Admins,ou=Groups,dc=cougarnet,dc=bible,dc=edu" write
>> by self write
>> by anonymous auth
>> by * none break
>
>How about by * break
or just drop the clause (and rely on the implicit "by * none stop").
The break causes access for the remainder of the subjects
(e.g., *) to be dependent on subsequent access directives,
which seems pointless in this case.
>>access to *
>> by dn.base="cn=Manager,dc=cougarnet,dc=bible,dc=edu" write
>> by group.exact="cn=Domain
>Admins,ou=Groups,dc=cougarnet,dc=bible,dc=edu" write
>> by self write
>> by * read
>
>
>--Quanah
>
>--
>Quanah Gibson-Mount
>Principal Software Developer
>ITSS/Shared Services
>Stanford University
>GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html