[Date Prev][Date Next] [Chronological] [Thread] [Top]

enable-wrappers uses brain dead hosts_ctl (ITS#1975)

Full_Name: Tim Rice
Version: 2.0.25
OS: OpenUNIX & Linux
Submission from: (NULL) (

servers/slapd/daemon.c uses hosts_ctl() which is not smart enough
to figure out valid hosts.allow entries like
	slapd: localhost ALLOW
causing most users to use slapd: ALL: ALLOW instead. 
Not good security wise. From the hosts_acces(3) man page
       hosts_ctl()  is  a  wrapper  around the request_init() and
       hosts_access() routines with  a  perhaps  more  convenient
       interface  (though  it does not pass on enough information
       to support automated client username lookups).