30 Nov
2021
30 Nov
'21
12:16 a.m.
https://bugs.openldap.org/show_bug.cgi?id=9753
--- Comment #13 from Michael Ströder michael@stroeder.com --- (In reply to Howard Chu from comment #12)
ACL evaluation performs no search operations; it only compares a filter against the entry currently being checked. There is no security impact from this.
What about set-based ACLs with ldap://... parts?
And IMO correct functional behaviour of slapo-unique and slapo-constraint is also security-relevant.
--
You are receiving this mail because:
You are on the CC list for the issue.