Univention Bugzilla – Full Text Bug Listing |
Summary: | LDAP ACLs: staff is able to modify shares - but should not | ||
---|---|---|---|
Product: | UCS@school | Reporter: | Sönke Schwardt-Krummrich <schwardt> |
Component: | LDAP | Assignee: | Florian Best <best> |
Status: | CLOSED FIXED | QA Contact: | Sönke Schwardt-Krummrich <schwardt> |
Severity: | normal | ||
Priority: | P5 | CC: | gohmann |
Version: | UCS@school 4.1 | Keywords: | interim-2 |
Target Milestone: | UCS@school 4.1 R2 vXXX | ||
Hardware: | Other | ||
OS: | Linux | ||
What kind of report is it?: | Security Issue | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | Enterprise Customer affected?: | ||
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | ||
Max CVSS v3 score: | |||
Bug Depends on: | 41115 | ||
Bug Blocks: | 42065, 43042 |
Description
Sönke Schwardt-Krummrich
2016-07-03 23:00:58 CEST
ucs-school-ldap-acls-master (14.0.1-6): r70787 | Bug #41720: adjust joinscript version r70786 | Bug #41720: staff only users should not be able to modify shares ucs-school-ldap-acls-master.yaml: r70788 | YAML Bug #41720 Package: ucs-school-ldap-acls-master Version: 14.0.1-6.75.201607041226 Branch: ucs_4.1-0 Scope: ucs-school-4.1r2 OLD: (|(objectClass=ucsschoolTeacher)(objectClass=ucsschoolAdministrator) (objectClass=ucsschoolStaff) ) NEW: (|(objectClass=ucsschoolTeacher)(objectClass=ucsschoolAdministrator) (&(objectClass=ucsschoolTeacher)(objectClass=ucsschoolStaff)) ) If I'm not mistaken, there is now redundancy in the search filter. → (|(objectClass=ucsschoolTeacher)(objectClass=ucsschoolAdministrator)) should be sufficient REOPEN: code change OK: YAML You are right. ucs-school-ldap-acls-master (14.0.1-8): r70904 | Bug #41720: simplify filter OK: code change OK: functional test OK: YAML Back to RESOLVED for additional ucs-test scripts. (In reply to Sönke Schwardt-Krummrich from comment #5) > Back to RESOLVED for additional ucs-test scripts. ucs-test-ucsschool (3.0.14-5): r71727 | Bug #41720: check if users are able to read but not able to modify shares objects UCS@school 4.1 R2 v4 has been released. http://docs.software-univention.de/changelog-ucsschool-4.1R2v4-de.html If this error occurs again, please clone this bug. |