[Date Prev][Date Next] [Chronological] [Thread] [Top]

Center for Internet Security benchmark for OpenLDAP

To: openldap-software@openldap.org
Subject: Center for Internet Security benchmark for OpenLDAP
From: Buchan Milne <bgmilne@staff.telkomsa.net>
Date: Thu, 27 Sep 2007 13:38:07 +0200
Content-disposition: inline
User-agent: KMail/1.9.6

I just wanted to note that the Center for Internet Security recently published 
a security benchmark for OpenLDAP (based on 2.3):

http://www.cisecurity.org/bench_openldap.html

A lot of the content seems to cover standard practise (e.g. what you get by 
default on most Linux distributions in terms of who slapd is run as, 
permissions on important files etc.), but there seem to be some sections 
worth reading.

Unfortunately, they show configuration for slurpd in their section 
on "Redundant LDAP Servers".

I wonder if it is worthwhile providing CIS with feedback?

Regards,
Buchan

Follow-Ups:
- Re: Center for Internet Security benchmark for OpenLDAP
  - From: Howard Chu <hyc@symas.com>

Prev by Date: Re: toubles using ppolicy to lock account
Next by Date: troubles with automatic chaining
Index(es):
- Chronological
- Thread