--- Comment #8 from Ondřej Kuzník <ondra(a)mistotebe.net> ---
thanks for continuing to work on this. I've had a look at your latest
patch. It looks better, now we need to make sure we nail down the
explanation in all cases mentioned.
Running a quick check with authorization (idassert etc.) it seems a bit
more complicated than described. Access looks to be checked with the
credentials of the authenticated account, not anonymous. Have a look at
the code or slapd (level acl) logs in scenarios like test014/028 to see
what actually happens.
You are receiving this mail because:
You are on the CC list for the bug.