On Mon, Nov 10, 2008 at 12:01:16PM -0800, Quanah Gibson-Mount wrote: > Currently, ACL evaluation doesn't behave the way people always expect on > ADD operations (see ITS#4556). This has been fixed in HEAD, but not > currently applied to RE24. I'm currently working on 2.4.13, and wanted to > gather general feedback on whether or not it is thought this change should > be included. It is a distinct change in behavior, and will break expected > behavior for some folks.
It is not clear from the ITS page exactly what the fix eventually was. The discussion turned to ditStructureRules at followup 6, and by followup 8 it appears that the issue is considered 'fixed'. I assume that the fix was to enforce ACLs on the attributes of an entry before adding it, as originally requested in the ITS. This will need a note in the Admin Guide, but it seems like a Good Thing To Do. I would consider the old (non-enforcing on add) behaviour to be wrong so I would not be worried by the ACLs being enforced in a future version. Andrew -- ----------------------------------------------------------------------- | From Andrew Findlay, Skills 1st Ltd | | Consultant in large-scale systems, networks, and directory services | | http://www.skills-1st.co.uk/ +44 1628 782565 | -----------------------------------------------------------------------
