[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Tests works fine - still not working when installed... - 2.3.7
- To: Quanah Gibson-Mount <quanah@stanford.edu>, openldap-software@OpenLDAP.org
- Subject: Re: Tests works fine - still not working when installed... - 2.3.7
- From: Olaf Beck <olaf_sc@yahoo.com>
- Date: Mon, 26 Sep 2005 21:33:48 -0700 (PDT)
- Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:Received:Date:From:Subject:To:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=gTEFBY+4bpelMVbJKpx5ZObMvOE6swAzGgqFnYhZkAUjS/9UuIMEnsHY7oFtbFsQdkaJKC85AKRALO0PAgCkpL7BeUPp8aQAOaXUQJRavuAET4/wQ7CEuX37D9FksPjZdVcxakh0IIITiAMLCkJX5RwGwMfhXsoaDZvsPpRvO+M= ;
- In-reply-to: <90DACB96A9EC8C86CF269E68@cadabra-dsl.stanford.edu>
Hello,
Thanks! Since I'm not at work will it solve the issue
with the error I'm getting?
Cheers Olaf
--- Quanah Gibson-Mount <quanah@stanford.edu> wrote:
>
>
> --On Monday, September 26, 2005 5:46 PM -0700 Olaf
> Beck <olaf_sc@yahoo.com>
> wrote:
>
> ># Sample Access Control
> ># Allow read access of root DSE
> ># Allow self write access
> ># Allow authenticated users read access
> ># Allow anonymous users to authenticate
> >#
> ># access to * by *
> > access to * by self write
> > access to * by * read
> > access to * by anonymous read
>
> You obviously don't understand ACL's, given the
> above. It looks to me like
> the server is acting exactly the way you told it to.
>
> ACL's are applied as they are encountered, and stop
> at the first matching
> ACL. That means the only ACL *ever* evaluated above
> is:
>
> access to * by self write
>
>
> I think what you *really* are looking for here is:
>
> access to *
> by self wite
> by * read
>
>
> Which is the correct equivalent to what you wrote.
> Note that the above ACL
> set will expose user passwords if you have them in
> the database, so is not
> particularly secure.
>
> --Quanah
>
>
> --
> Quanah Gibson-Mount
> Principal Software Developer
> ITSS/Shared Services
> Stanford University
> GnuPG Public Key:
> http://www.stanford.edu/~quanah/pgp.html
>
> "These censorship operations against schools and
> libraries are stronger
> than ever in the present religio-political climate.
> They often focus on
> fantasy and sf books, which foster that deadly enemy
> to bigotry and blind
> faith, the imagination." -- Ursula K. Le Guin
>
>