On Mon, Nov 10, 2008 at 12:01:16PM -0800, Quanah Gibson-Mount wrote:
Currently, ACL evaluation doesn't behave the way people always expect on ADD operations (see ITS#4556). This has been fixed in HEAD, but not currently applied to RE24. I'm currently working on 2.4.13, and wanted to gather general feedback on whether or not it is thought this change should be included. It is a distinct change in behavior, and will break expected behavior for some folks.
It is not clear from the ITS page exactly what the fix eventually was. The discussion turned to ditStructureRules at followup 6, and by followup 8 it appears that the issue is considered 'fixed'.
I assume that the fix was to enforce ACLs on the attributes of an entry before adding it, as originally requested in the ITS. This will need a note in the Admin Guide, but it seems like a Good Thing To Do. I would consider the old (non-enforcing on add) behaviour to be wrong so I would not be worried by the ACLs being enforced in a future version.
Andrew