--- Comment #11 from Karl O. Pinc <kop(a)karlpinc.com> ---
On Thu, 18 Feb 2021 14:16:29 +0000
--- Comment #10 from Ondřej Kuzník <ondra(a)mistotebe.net> ---
On Tue, May 19, 2020 at 02:31:12PM +0000, openldap-its(a)openldap.org
>> thanks for continuing to work on this. I've had a look at your
>> latest patch. It looks better, now we need to make sure we nail
>> down the explanation in all cases mentioned.
>> Running a quick check with authorization (idassert etc.) it seems a
>> bit more complicated than described. Access looks to be checked
>> with the credentials of the authenticated account, not anonymous.
>> Have a look at the code or slapd (level acl) logs in scenarios like
>> test014/028 to see what actually happens.
> I'll take a look when I get a chance. Thanks for the help.
just checking if you had an updated version of the docs?
No. I'll see if I can look at what you bring up today or
tomorrow. I did test everything I documented.
Of course I could have made a mistake.
I'm thinking of putting a patch together to add a
regression test to demonstrate. I'm hoping that
will either satisfy you or prove me wrong.
(I would not be submitting such a patch for inclusion,
doing that would be up to you.)
If you think this is the wrong approach please let me know.
Free Software: "You don't pay back, you pay forward."
-- Robert A. Heinlein
You are receiving this mail because:
You are on the CC list for the issue.