Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix potential unwarranted memberships in nested groups from LDAP #29329

Merged
merged 1 commit into from
Dec 20, 2021

Commits on Nov 19, 2021

  1. fix potential unwarranted memberships in nested groups from LDAP

    - the issue was present only when using PHP based resolving of nested
      group members. Normally nested members are common in AD (and Samba4) and
      are resolved per LDAP_MATCHING_RULE_IN_CHAIN by default
    - resolving nested members is recursive
    - when the cache entry was created it happend for intermediate groups, too,
      containing members from the parent group
    - the check was added to only cache the root group with its members
    - a runtime cache stores intermediate ldap read results
    
    
    Signed-off-by: Arthur Schiwon <[email protected]>
    blizzz committed Nov 19, 2021
    Configuration menu
    Copy the full SHA
    8266f88 View commit details
    Browse the repository at this point in the history