[Freeipa-devel] [PATCH] 609 Reduce the number of attributes a host is allowed to write.
Rob Crittenden
rcritten at redhat.com
Mon Nov 15 16:00:26 UTC 2010
Jakub Hrozek wrote:
> On Wed, Nov 10, 2010 at 04:25:18PM -0500, Rob Crittenden wrote:
>> The list of attributes that a host bound as itself could write was
>> overly broad.
>>
>> A host can now only update its description, information about itself
>> such as OS release, etc, its certificate, password and keytab.
>>
>> https://fedorahosted.org/freeipa/ticket/416
>>
>> rob
>
> Some of the changes in install/share/default-aci.ldif seem to not apply
> cleanly on top of the current master. Does this patch depend on another
> one?
Maybe unreviewed patch 593 fix group objectclasses on detach
rob
More information about the Freeipa-devel
mailing list