[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: slapacl question

Should I file this as a bug?

On 8/22/06, TechnoSophos <technosophos@gmail.com> wrote: 
When using the slapacl program to test ACLs, how come slapacl
inidcates that a  user has 'read' permissions when the ACL restricts
to 'auth' only?

###

# slapacl -D 'uid=matt,ou=Users,dc=example,dc=com' -b
'uid=barbara,ou=Users,dc=example,dc=com' -d acl 'cn/read'
Backend ACL: access to attrs=userPassword
        by anonymous auth
        by self write
        by * none

Backend ACL: access to attrs=cn
        by users auth
        by self write
        by * none

Backend ACL: access to *
        by self write
        by users read
        by * none

authcDN: "uid=matt,ou=users,dc=example,dc=com"
=> access_allowed: read access to "" "cn" requested
=> access_allowed: backend default read access granted to
"uid=matt,ou=users,dc=example,dc=com"
read access to cn: ALLOWED

###

Note that the same things happens if I substitute '=x' for 'auth' in the acl.

Thanks,

Matt

(OpenLDAP version: 2.3.25)


For those of you perishing few who still have a problem with top
posting: should I file this as a bug?