> > I will clean up and publish the usl tool set in the future to help > > other people test their own LDAP secuity controls. > > > > > > Nice! This would be a good addition to our admin/management tools, > if > you would like to submit it. Please open a ticket and attach the > code > to it (or just point us to your github or wherever you are hosting > this). Might I suggest the name "audit_acis"? >
It needs a lot of work before it can be added: At the moment you have to hand define your acis in the system to actually test. My future work will be to make this read the set of acis and auto -generate tests from these. This will be able to: * Automatically find potentially conflicting acis * List all attributes that an aci provides access to on target objects * Make it a lot easier to "drop in" and use. Once I've done this, I'll certainly make it available. At the same time, I have some other python tools to submit also. Glad that you liked it! -- William <[email protected]>
signature.asc
Description: This is a digitally signed message part
-- 389 users mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/389-users
