> Using the actual IP address instead of a wildcard, I was able to > reproduce the situation you described: a user on the client with no > tokens is a member of system:authuser. (I should have been more > thorough when playing around with this yesterday, but opted to save > time instead.) > > This seems like a bad thing to me. Does anyone see a reason that it > would be desirable to have specific IP address entries lead to > system:authuser membership? If not, I'll have the code changed. Somehow, I thought that was the point - by putting the machine on the ACL, *any* user (most usefully, root) would be able to have the specified access to the directory. How else would this work? There should be a difference between ip_addr:user (_only_ that user) and ip_addr on an ACL, of course... Pat Wilson Systems Manager, NORTHSTAR [EMAIL PROTECTED]
- Re: PAG Instructions, Please Paul Howell
- Re: PAG Instructions, Please Joseph_Jackson
- Re: PAG Instructions, Pleas... Scott Dawson
- Re: PAG Instructions, Please Allen Hebert
- Re: PAG Instructions, Please Randolph J. Herber, CD/DCD/SPG, x2966
- Re: PAG Instructions, Please Randolph J. Herber, CD/DCD/SPG, x2966
- Re: PAG Instructions, Please Jon S. Stumpf
- Re: PAG Instructions, Please Paul Howell
- Re: PAG Instructions, Please Joseph_Jackson
- Re: PAG Instructions, Pleas... Pat Wilson
- Re: PAG Instructions, Please Paul Howell
- Re: PAG Instructions, Please Jeffrey J. Carpenter
- Re: PAG Instructions, Please Joseph_Jackson
- Re: PAG Instructions, Pleas... Dimitris_Varotsis
- Re: PAG Instructions, Pleas... Keith Gorlen
- Re: PAG Instructions, P... Mike_Kazar
- Re: PAG Instruction... Wallace Colyer
- Re: PAG Instructions, Pleas... Scott Dawson
- Re: PAG Instructions, Please Michael E. Winslett
