exposing RELAX control on LDAP

[Matthieu Patou]

Hello endi,

I just noticed today that you made the relax control exposed on LDAP, 
I'm a bit worried about this as we tend to use this control maybe too 
often and I have the impression that it can be a security risk.

My first question to simo or andrew b. is  am I over reacting ? Is there 
possibly a threat ?

After comes the following one:

I suppose that if you did so it's for a good reason, so can you explain 
them, can we reduce the range of users that can use it (with ACLs for 
instance).

Matthieu.

-- 
Matthieu Patou	
Samba Team        http://samba.org