[OPENDJ-3011] Enforce privilege checking in tools for confidential backends Created: 11/May/16  Updated: 08/Nov/19

Status: Dev backlog
Project: OpenDJ
Component/s: backends, security
Affects Version/s: 4.0.0, 3.5.0
Fix Version/s: None

Type: Improvement Priority: Major
Reporter: Fabio Pistolesi Assignee: Unassigned
Resolution: Unresolved Votes: 0
Labels: None


Even though one must have unix rights to successfully run tools on a server, we should be more detailed on also enforcing privileges for off-line tasks.
Consider adding privilege checking when running export or backendstat on confidential backends, for example.

Comment by Fabio Pistolesi [ 11/May/16 ]

One option would be to check privileges via an internal connection. Passing the "bindDN" and password could conflict with existing behaviour
as far as export-ldif is concerned, though.

Generated at Mon Oct 26 19:21:00 UTC 2020 using Jira 7.13.12#713012-sha1:6e07c38070d5191bbf7353952ed38f111754533a.