Re: R: Enforcing attribute ACL on add operations

27 Sep 2008


      Pierangelo Masarati ando@sys-net.it wrote:
...
See ITS#4556 for discussion.
So this is not considered a security hole. But as far as I understand,
anyone that is allowed to add an entry anywhere can add a user with
random privileges. Did I miss something here? Can that be avoided?
-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@netbsd.org

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

Re: R: Enforcing attribute ACL on add operations