6402611 "idsconfig" does not deny self-writes of auditing and RBAC attribute values.

author: jj100372 <none@none> 2007-10-29 17:43:31 -0700
committer: jj100372 <none@none> 2007-10-29 17:43:31 -0700
commit: 288fa449d117c45a9f11e80a07be41189fb967d7 (patch)
tree: dba92e674ebdc09eefaef9e2c9675ea47fba6f90 /usr/src/cmd/ldap
parent: 9edfcb98cbf50b8e2ca35c6c7dd041cc42df94a4 (diff)
download: illumos-gate-288fa449d117c45a9f11e80a07be41189fb967d7.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/usr/src/cmd/ldap/ns_ldap/idsconfig.sh b/usr/src/cmd/ldap/ns_ldap/idsconfig.sh
index 02e795e3d8..1ed8037045 100644
--- a/usr/src/cmd/ldap/ns_ldap/idsconfig.sh
+++ b/usr/src/cmd/ldap/ns_ldap/idsconfig.sh
@@ -4104,7 +4104,7 @@ modify_top_aci()
 dn: ${LDAP_BASEDN}
 changetype: modify
 add: aci
-aci: (targetattr = "cn||uid||uidNumber||gidNumber||homeDirectory||shadowLastChange||shadowMin||shadowMax||shadowWarning||shadowInactive||shadowExpire||shadowFlag||memberUid")(version 3.0; acl ${ACI_NAME}; deny (write) userdn = "ldap:///self";)
+aci: (targetattr = "cn||uid||uidNumber||gidNumber||homeDirectory||shadowLastChange||shadowMin||shadowMax||shadowWarning||shadowInactive||shadowExpire||shadowFlag||memberUid||SolarisAuditAlways||SolarisAuditNever||SolarisAttrKeyValue||SolarisAttrReserved1||SolarisAttrReserved2||SolarisUserQualifier")(version 3.0; acl ${ACI_NAME}; deny (write) userdn = "ldap:///self";)
 -
 EOF
 ) > ${TMPDIR}/top_aci
author	jj100372 <none@none>	2007-10-29 17:43:31 -0700
committer	jj100372 <none@none>	2007-10-29 17:43:31 -0700
commit	288fa449d117c45a9f11e80a07be41189fb967d7 (patch)
tree	dba92e674ebdc09eefaef9e2c9675ea47fba6f90 /usr/src/cmd/ldap
parent	9edfcb98cbf50b8e2ca35c6c7dd041cc42df94a4 (diff)
download	illumos-gate-288fa449d117c45a9f11e80a07be41189fb967d7.tar.gz