[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#946797: debian-edu-config: kadm5.acl should set proper rights for users

On Mon, Dec 16, 2019 at 11:33:28AM +0100, Dominik George wrote:
> >> Why not just remove that line?
> >
> >The only line needed is: root/admin@INTERN *
> >Intention is to fix the bug, but keep the change as minimal as
> >possible.
> Then it should be CIl in my opinion. Listing principals is the same as 
> getent passwd, so no additional leaks here. The i ACL allows tracking 
> other users' use of the network. It is thus part of the bug.

IMO Cil is enough, but better safe than sorry. Just committed like 
proposed, thanks.


Attachment: signature.asc
Description: PGP signature

Reply to: