[389-devel] Please review: [389 Project] #448: Possible to set invalid macros in Macro ACIs
Noriko Hosoi
nhosoi at redhat.com
Tue Oct 30 20:15:14 UTC 2012
https://fedorahosted.org/389/ticket/448
https://fedorahosted.org/389/attachment/ticket/448/0001-Trac-Ticket-448-Possible-to-set-invalid-macros-in-Ma.patch
Bug description: Syntax checking code in acl did not check the
macro syntax. Thus, invalide macro such as ($bogus.description)
could have been unexpectedly added.
Fix description: This patch adds the checking code: If acl contains
a keyword starting with "($" or "[$", only one of "($dn)", "[$dn]",
or "($attr." is allowed.
More information about the 389-devel
mailing list