Re: R: Enforcing attribute ACL on add operations
Pierangelo Masarati <ando(a)sys-net.it> wrote:
See ITS#4556 for discussion.
So this is not considered a security hole. But as far as I understand,
anyone that is allowed to add an entry anywhere can add a user with
random privileges. Did I miss something here? Can that be avoided?
--
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu(a)netbsd.org