Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[stable23] fix potential unwarranted memberships in nested groups from LDAP #30343

Merged
merged 1 commit into from
Dec 30, 2021

Commits on Dec 20, 2021

  1. fix potential unwarranted memberships in nested groups from LDAP

    - the issue was present only when using PHP based resolving of nested
      group members. Normally nested members are common in AD (and Samba4) and
      are resolved per LDAP_MATCHING_RULE_IN_CHAIN by default
    - resolving nested members is recursive
    - when the cache entry was created it happend for intermediate groups, too,
      containing members from the parent group
    - the check was added to only cache the root group with its members
    - a runtime cache stores intermediate ldap read results
    
    
    Signed-off-by: Arthur Schiwon <[email protected]>
    blizzz authored and backportbot[bot] committed Dec 20, 2021
    Configuration menu
    Copy the full SHA
    bf81fa4 View commit details
    Browse the repository at this point in the history