From a0fa7f7901cfc437f3a0c675bca0d33398f102a6 Mon Sep 17 00:00:00 2001 From: Kurt Zeilenga Date: Sat, 19 Mar 2005 18:46:07 +0000 Subject: [PATCH] Document partially implemented "disclose" level. "manage" remains undocumented (and unimplemented). --- doc/man/man5/slapd.access.5 | 26 ++++++++++++++++++-------- 1 file changed, 18 insertions(+), 8 deletions(-) diff --git a/doc/man/man5/slapd.access.5 b/doc/man/man5/slapd.access.5 index be14cf19fb..feae8d2b9c 100644 --- a/doc/man/man5/slapd.access.5 +++ b/doc/man/man5/slapd.access.5 @@ -603,8 +603,8 @@ field will have. Its component are defined as .LP .nf - ::= none|auth|compare|search|read|write - ::= {=|+|-}{w|r|s|c|x|0}+ + ::= none|disclose|auth|compare|search|read|write + ::= {=|+|-}{w|r|s|c|x|d|0}+ .fi .LP The modifier @@ -624,6 +624,7 @@ access model relies on an incremental interpretation of the access privileges. The possible levels are .BR none , +.BR disclose , .BR auth , .BR compare , .BR search , @@ -633,11 +634,18 @@ and Each access level implies all the preceding ones, thus .B write access will imply all accesses. -While -.B none -is trivial, +.LP +The +.B none +access level disallows all access including disclosure on error. +.LP +The +.B disclose +access level allows disclorure of information on error. +.LP +The .B auth -access means that one is allowed access to an attribute to perform +access level means that one is allowed access to an attribute to perform authentication/authorization operations (e.g. .BR bind ) with no other access. @@ -665,9 +673,11 @@ for read, .B s for search, .B c -for compare, and +for compare, .B x -for authentication. +for authentication, and +.B d +for disclose. More than one of the above privileges can be added in one statement. .B 0 indicates no privileges and is used only by itself (e.g., +0). -- 2.39.5