Fix self-edit security issue

jonremy · web-flow · commit 1d8fa1ca9ea4 · 2018-08-12T01:18:47.000+02:00
The security issue fixed in version 1.2.1 is still there when a read-only user is created.
diff --git a/image/service/slapd/assets/config/bootstrap/ldif/readonly-user/readonly-user-acl.ldif b/image/service/slapd/assets/config/bootstrap/ldif/readonly-user/readonly-user-acl.ldif
@@ -4,4 +4,4 @@ delete: olcAccess
 -
 add: olcAccess
 olcAccess: to attrs=userPassword,shadowLastChange by self write by dn="cn=admin,{{ LDAP_BASE_DN }}" write by anonymous auth by * none
-olcAccess: to * by self write by dn="cn=admin,{{ LDAP_BASE_DN }}" write by dn="cn={{ LDAP_READONLY_USER_USERNAME }},{{ LDAP_BASE_DN }}" read by * none
+olcAccess: to * by self read by dn="cn=admin,{{ LDAP_BASE_DN }}" write by dn="cn={{ LDAP_READONLY_USER_USERNAME }},{{ LDAP_BASE_DN }}" read by * none

Original file line number	Diff line number	Diff line change
`@@ -4,4 +4,4 @@ delete: olcAccess`
`4`	`4`	`-`
`5`	`5`	`add: olcAccess`
`6`	`6`	`olcAccess: to attrs=userPassword,shadowLastChange by self write by dn="cn=admin,{{ LDAP_BASE_DN }}" write by anonymous auth by * none`
`7`		`-olcAccess: to * by self write by dn="cn=admin,{{ LDAP_BASE_DN }}" write by dn="cn={{ LDAP_READONLY_USER_USERNAME }},{{ LDAP_BASE_DN }}" read by * none`
	`7`	`+olcAccess: to * by self read by dn="cn=admin,{{ LDAP_BASE_DN }}" write by dn="cn={{ LDAP_READONLY_USER_USERNAME }},{{ LDAP_BASE_DN }}" read by * none`