mirror of
https://git.openldap.org/openldap/openldap.git
synced 2024-12-21 03:10:25 +08:00
Require compare (not read) access to entry attr for compare ops
This commit is contained in:
parent
64f81ee43b
commit
b0a0ac4914
@ -186,11 +186,8 @@ to the underlying program.
|
||||
The
|
||||
.B compare
|
||||
operation requires
|
||||
.B read (=r)
|
||||
access (FIXME: wouldn't
|
||||
.B compare (=c)
|
||||
be a more appropriate choice?)
|
||||
to the
|
||||
access to the
|
||||
.B entry
|
||||
pseudo-attribute
|
||||
of the object whose value is being asserted;
|
||||
|
@ -48,7 +48,7 @@ sock_back_compare(
|
||||
e.e_private = NULL;
|
||||
|
||||
if ( ! access_allowed( op, &e,
|
||||
entry, NULL, ACL_READ, NULL ) )
|
||||
entry, NULL, ACL_COMPARE, NULL ) )
|
||||
{
|
||||
send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL );
|
||||
return -1;
|
||||
|
Loading…
Reference in New Issue
Block a user