
Re: (ITS#6918) #include statement unsafe



--On Monday, May 02, 2011 12:53 PM +0000 h.b.furuseth@usit.uio.no wrote:

> hyc@symas.com writes:
>> Nothing in the OpenLDAP code issues a truncate operation of any sort.
>
> There are several fopen(filename, "w") calls, which truncate the file.
> Maybe the error confuses slapd so it takes a detour into one of them.
>
> Quanah, can you provide a full slapd.conf and command line which causes
> this?  Not that I have a Windows box to test it on, but still...

The command line was just slapd.exe -d -1 -f slapd.conf

The slapd.conf itself is fairly small.  The line that wrapped was the 
include for inetOrgPerson.  Everything obviously stopped when it hit the 
wrapped include.

# Global settings: Unicode data directory, schema files to load, and the
# pid/args files that slapd writes when it starts.
ucdata-path     "/opt/zimbra/openldap/ucdata"
include         "/opt/zimbra/openldap/etc/openldap/schema/core.schema"
include         "/opt/zimbra/openldap/etc/openldap/schema/cosine.schema"
# NOTE(review): the next directive is split over two lines and the path starts
# in column 0. slapd.conf joins a line to the previous one only when it begins
# with whitespace, so as shown `include` stands alone without an argument.
# This is the wrapped include the message refers to.
include 
"/opt/zimbra/openldap/etc/openldap/schema/inetorgperson.schema"
include         "/opt/zimbra/openldap/etc/schema/amavisd.schema"
include         "/opt/zimbra/openldap/etc/schema/zimbra.schema"
# Files created by slapd itself: process ID and the command line it was run with.
pidfile         "/opt/zimbra/openldap/var/run/slapd.pid"
argsfile        "/opt/zimbra/openldap/var/run/slapd.args"

# Dynamically loaded backends (BDB and monitor). moduleload brings code into
# the slapd process, so the modulepath directory should be writable only by
# the account that administers slapd.
modulepath      /opt/zimbra/openldap/openldap
moduleload      back_bdb-2-4-2.dll
moduleload      back_monitor-2-4-2.dll

# Access rules placed before the first `database` directive.
# Entries under cn=admins,cn=zimbra get write access to the whole tree; for
# everyone else `break` ends this rule and lets later rules decide.
access to dn.subtree=""
        by dn.children="cn=admins,cn=zimbra" write
        by * break

# Root DSE is readable by any client, including anonymous ones.
access to dn.base=""
        by * read

# The subschema entry is likewise readable by any client.
access to dn.base="cn=Subschema"
        by * read

# Configuration backend.
database        config
# NOTE(review): rootpw is a salted SHA-1 ({SSHA}) hash. A hash that has been
# posted in a public archive is open to offline guessing, so the password
# behind it should be changed and not reused elsewhere. When sharing a config
# for debugging, replace this value with a placeholder first.
rootpw          {SSHA}8+r0nkcErptqasSrFPcT0k81NFrbTcAS

# Monitor backend, exposing slapd runtime information under cn=monitor.
database        monitor
rootdn          "cn=config"
# Only entries under cn=admins,cn=zimbra may read cn=monitor children. slapd
# ends every access rule with an implicit `by * none`, so nobody else matches.
access to dn.children="cn=monitor"
        by dn.children="cn=admins,cn=zimbra" read

# Main data store (Berkeley DB backend). The empty suffix makes this database
# the naming context for the whole tree.
database        bdb
suffix          ""
# rootdn bypasses the access rules of this database; no rootpw is set in this
# section.
rootdn          "cn=config"
# In-memory entry cache and IDL (index slot) cache sizes.
cachesize 10000
idlcachesize 10000
# Checkpoint the BDB transaction log after 64 KB written or 5 minutes.
checkpoint 64 5
directory       "/opt/zimbra/data/ldap/hdb/db"
# Attribute indexes: equality on objectClass, entryUUID and entryCSN; presence
# and equality on uid.
index   objectClass                 eq
index   uid                         pres,eq
index   entryUUID              eq
index   entryCSN               eq
# NOTE(review): both limits are unlimited, so the server puts no bound on the
# number of entries returned or the time spent on a search. Together with the
# `by * read` rules in this file, any client can request the full set of
# readable entries in one search; confirm that this is intended.
sizelimit unlimited
timelimit unlimited

# Per-database access rules. slapd applies the first `access to` clause that
# matches, so the order of the rules below matters.

# userPassword: anonymous clients may use it only to authenticate (bind);
# admins may write it. Everyone else falls through to the implicit `by * none`.
# NOTE(review): there is no `by self write`, so users cannot change their own
# password through a plain LDAP modify. Presumably deliberate; confirm.
access to attrs=userPassword
        by anonymous auth
        by dn.children="cn=admins,cn=zimbra" write

# Only admins get access to the cn=zimbra subtree through this rule.
access to dn.subtree="cn=zimbra"
      by dn.children="cn=admins,cn=zimbra" write

# Secrets and privileged flags (bind passwords, auth token and preauth keys,
# password history, admin flag): admins only, explicit `none` for all others.
# NOTE(review): in this listing the attrs= clause starts in column 0 on the
# line after `access to`, here and in the two long rules below. slapd.conf
# joins only lines that begin with whitespace, so if the real file is laid out
# this way these rules do not parse as written. This may just be mail wrapping.
access to 
attrs=zimbraZimletUserProperties,zimbraGalLdapBindPassword,zimbraGalLdapBindDn,zimbraAuthTokenKey,zimbraPreAuthKey,zimbraPasswordHistory,zimbraIsAdminAccount,zimbraAuthLdapSearchBindPassword
        by dn.children="cn=admins,cn=zimbra" write
        by * none

# Address-book attributes of entries not hidden from the GAL: readable by any
# client, including anonymous ones. The zmpostfix line grants the same level
# as the `by * read` that follows it.
access to filter=(!(zimbraHideInGal=TRUE)) 
attrs=cn,co,company,dc,displayName,givenName,gn,initials,l,mail,o,ou,physicalDeliveryOfficeName,postalCode,sn,st,street,streetAddress,telephoneNumber,title,uid
        by dn.children="cn=admins,cn=zimbra" write
        by dn.exact="uid=zmpostfix,cn=appaccts,cn=zimbra" read
        by * read

# Mail routing and domain attributes: also readable by any client.
access to 
attrs=objectclass,zimbraId,zimbraMailAddress,zimbraMailAlias,zimbraMailCanonicalAddress,zimbraMailCatchAllAddress,zimbraMailCatchAllCanonicalAddress,zimbraMailCatchAllForwardingAddress,zimbraMailDeliveryAddress,zimbraMailForwardingAddress,zimbraPrefMailForwardingAddress,zimbraMailHost,zimbraMailStatus,zimbraMailTransport,zimbraDomainName,zimbraDomainType,zimbraPrefMailLocalDeliveryDisabled
        by dn.children="cn=admins,cn=zimbra" write
        by dn.exact="uid=zmpostfix,cn=appaccts,cn=zimbra" read
        by * read

# The `entry` pseudo-attribute controls access to the entry itself: admins may
# write, every other client may read.
access to attrs=entry
        by dn.children="cn=admins,cn=zimbra" write
        by * read

--Quanah


--

Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
--------------------
Zimbra ::  the leader in open source messaging and collaboration