DSDB-ACL work
Andrew Bartlett
abartlet at samba.org
Thu Jan 17 18:52:08 MST 2013
On Thu, 2013-01-17 at 16:32 +0100, Stefan (metze) Metzmacher wrote:
> Hi Andrew,
>
> can you have a look at my progress the work to correct the dsdb acl
> handling,
> it's based on your patches, but reworked in some details to make then
> easier to
> understand.
>
> https://gitweb.samba.org/?p=metze/samba/wip.git;a=shortlog;h=refs/heads/master-ready
>
> I use acl_check_access_on_attribute() in a few more places and introduced
> a acl_check_access_on_objectclass() function.
>
> I haven't done much testing with it yet, but I expect it to work as
> desired now.
Thank you so much for working on that. I've read over them, and it
seems reasonable, but I need to do more of a review.
What is missing is a test for the read ACL stuff, that starts to work
after the pre-windows 2000 compatible access patch goes in.
I also need to run a wintest (given it did so well as finding ACL bugs
in the past). I'll start that now, hopefully it is in a good mood :-)
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
More information about the samba-technical
mailing list