Bugtraq mailing list archives

ref advisory #20000907


From: John McCain <jmccain () POMEROY COM>
Date: Fri, 8 Sep 2000 14:20:20 -0400

Your statements regarding this security "hole" are misleading.

While it is true that not watching write rights to ACLs can lead to network problems, anyone who has undergone any 
level of NetWare training knows the extent to which Novell warns against granting broad property write rights, 
specifically because of the danger of giving someone rights to another object's ACL.  Setting a property level IRF on 
the ACL property would neither be time consuming nor prone to error.

The dangers of granting write property rights to ACLs are discussed extensively in the training materials for Novell's 
CNA certification, their base level of certification.  I suggest you review these materials before publishing similar 
warnings, or avail yourself of someone who has.

