[Freeipa-devel] [PATCH] 609 Reduce the number of attributes a host is allowed to write.
Rob Crittenden
rcritten at redhat.com
Wed Nov 17 20:07:03 UTC 2010
Rob Crittenden wrote:
> Jakub Hrozek wrote:
>> On Wed, Nov 10, 2010 at 04:25:18PM -0500, Rob Crittenden wrote:
>>> The list of attributes that a host bound as itself could write was
>>> overly broad.
>>>
>>> A host can now only update its description, information about itself
>>> such as OS release, etc, its certificate, password and keytab.
>>>
>>> https://fedorahosted.org/freeipa/ticket/416
>>>
>>> rob
>>
>> Some of the changes in install/share/default-aci.ldif seem to not apply
>> cleanly on top of the current master. Does this patch depend on another
>> one?
>
> Maybe unreviewed patch 593 fix group objectclasses on detach
>
> rob
Ok, yes, this relies on patch 593. I also re-based it to patch cleanly
against the master.
rob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-rcrit-609-2-aci.patch
Type: text/x-patch
Size: 6334 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20101117/7eb13815/attachment.bin>
More information about the Freeipa-devel
mailing list