[Freeipa-devel] [PATCH] Avoid listing a group as a memberOf itself
Geert Jansen
gjansen at redhat.com
Mon Apr 7 20:14:35 UTC 2008
Nathan Kinder wrote:
> If you create a circular grouping, a group will be listed as a
> memberOf itself.
>
> We just need to do a check when processing any type of operation to
> see if
> we're attempting to use a group's DN as the value of memberOf on
> itself. We
> had a check like that for a fixup operation, but it needed to be moved
> up in the
> code so it's used for any operations.
I'm not familiar with the directory server code at all, so forgive me if
this is obvious. Does your patch prevent memberships such as a -> b -> a?
Regards,
--
Geert Jansen
Product Manager EMEA
Red Hat Nederland B.V. T: +31 6 293 191 57
Printerweg 44 E: gjansen at redhat.com
3821 AD Amersfoort, NL
More information about the Freeipa-devel
mailing list