Michael Ströder wrote:
> On 6/14/19 5:15 PM, Quanah Gibson-Mount wrote:
>> Thanks to Ondrej, this list is a bit shorter now. :)
> 
> But one more I'd love to see in 2.4.48:
> 
> ITS#8866: RFE: slapo-constraint to return filter used in diagnostic message
> 
> https://www.openldap.org/its/index.cgi?findid=8866

I don't believe the information disclosure issues have been sufficiently 
answered there.
Overall it's a bad idea and goes against our standing policy of minimal 
disclosure.

At most you would expect something relevant in syslog. The actual rules in play 
are
only the sysadmin's business, not any end user's.

> I have a back-port patch for this in my own 2.4.47 packages because it
> is very useful.
> 
> Ciao, Michael.
> 
> 


-- 
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/

Reply via email to