Full_Name: Geert Hendrickx Version: 2.4.39 OS: centos6 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (212.123.14.2) mdb_copy creates a copy using the default umask. This usually leads to insecure (world readable) copies, as typically an LDAP databse is 600 owned by some unprivileged ldap user. I suggest to copy the behaviour of cp, scp, rsync etc: preserve mode by default, preserve all metadata (uid:gid, mode, mtime, atime ...) when invoked with -p ?
geert@hendrickx.be wrote: > Full_Name: Geert Hendrickx > Version: 2.4.39 > OS: centos6 > URL: ftp://ftp.openldap.org/incoming/ > Submission from: (NULL) (212.123.14.2) > > > mdb_copy creates a copy using the default umask. This usually leads to insecure > (world readable) copies, as typically an LDAP databse is 600 owned by some > unprivileged ldap user. The mode has changed to 0600 as of commit 58ddb5527bd4868bb7017cfe2051bc2e24bcf5a8 -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
fixed in mdb.master
changed notes changed state Open to Test moved from Incoming to Software Bugs
changed state Test to Release
changed state Release to Closed