Fix entry/children always allowed bug!

diff --git a/servers/slapd/acl.c b/servers/slapd/acl.c
index b61b1570c18a92b00aa0f69570d213fcfc134606..cbed19b93150653000d6fe2afce86e2e5257d7f3 100644 (file)
--- a/servers/slapd/acl.c
+++ b/servers/slapd/acl.c
@@ -115,7 +115,9 @@ access_allowed(
         * by ACL_WRITE checking as any found here are not provided
         * by the user
         */
-       if ( access >= ACL_WRITE && is_at_no_user_mod( desc->ad_type ) )
+       if ( access >= ACL_WRITE && is_at_no_user_mod( desc->ad_type )
+               && desc != slap_schema.si_ad_entry
+               && desc != slap_schema.si_ad_children )
        {
                Debug( LDAP_DEBUG_ACL, "NoUserMod Operational attribute:"
                        " %s access granted\n",