Issue 50716 - CVE-2019-14824 (BZ#1748199) - deref plugin displays restricted attributes
Bug Description: If there is an ACI that allows "search" access to an attribute,
the deref plugin access control checks sees this is a "read"
privilege and returns the attribute's value.
Fix description: For deref plugin we are only concerned with "read" access, not
"search" access. Removed the SLAPI_ACL_SEARCH right flag when
checking access for an attribute.
relates: https://pagure.io/389-ds-base/issue/50716
Reviewed by: lkrispen & tbordaz(Thanks!)