https://bugs.openldap.org/show_bug.cgi?id=9753
--- Comment #12 from Howard Chu <[email protected]> --- (In reply to Michael Ströder from comment #9) > Thinking about this some more: It also seems to have pretty large security > impact for all systems/components relying on index attributes for access > control decisions, probably also slapd processing ACLs, slapo-unique, > slapo-constraint. ACL evaluation performs no search operations; it only compares a filter against the entry currently being checked. There is no security impact from this. > IMO it would be worth a public warning via openldap-announce list. -- You are receiving this mail because: You are on the CC list for the issue.
