Dynamic groups. Basics

It seems that “dynamic groups” is yet another white spot in documentation: Fundamentals guides states that dynamic groups can’t belong to non-dynamic, Administration and Configuration guide, in opposite, gives an example of such possibility: dm_browse_all/dm_browse_all_dynamic, dm_superusers/dm_superusers_dynamic (I have no idea why dm_read_all/dm_read_all_dynamic pair is missed in Administration guide). The only true thing about dynamic groups you can read in documentation is: dynamic groups are intended to be enabled/disabled in runtime, which allows user to gain/loose some extra privileges.
Continue reading

CVE-2014-2515 (D2GetAdminTicketMethod). Was it really fixed?

Previous investigations

Continue reading