From dd3279eab0639a29b483ab5dbf282b8f45d3bf07 Mon Sep 17 00:00:00 2001 From: Kurt Zeilenga Date: Thu, 10 Oct 2002 04:27:23 +0000 Subject: [PATCH] Clarify new "entry" ACLs --- doc/guide/admin/slapdconfig.sdf | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/doc/guide/admin/slapdconfig.sdf b/doc/guide/admin/slapdconfig.sdf index 1e653232ec..f7ed62772d 100644 --- a/doc/guide/admin/slapdconfig.sdf +++ b/doc/guide/admin/slapdconfig.sdf @@ -650,11 +650,13 @@ There are two special {{psuedo}} attributes {{EX:entry}} and {{EX:children}}. To read (and hence return) an target entry, the subject must have {{EX:read}} access to the target's {{entry}} attribute. To add or delete an entry, the subject must have -{{EX:write}} access to the entry's parent's {{EX:children}} attribute. -To rename an entry, the subject must have {{EX:write}} access to -both the old parent's and new parent's {{EX:children}} attributes. -The complete examples at the end of this section should help clear -things up. +{{EX:write}} access to the entry's {{EX:entry}} attribute AND must +have {{EX:write}} access to the entry's parent's {{EX:children}} +attribute. To rename an entry, the subject must have {{EX:write}} +access to entry's {{EX:entry}} attribute AND have {{EX:write}} +access to both the old parent's and new parent's {{EX:children}} +attributes. The complete examples at the end of this section should +help clear things up. Lastly, there is a special entry selector {{EX:"*"}} that is used to select any entry. It is used when no other {{EX:}} -- 2.39.5