[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#4127) "access" modification by back-config stops slapd in case of syntax error when no -F is provided

Full_Name: Pierangelo Masarati
Version: HEAD/re23
OS: irrelevant
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (
Submitted by: ando

"access" writing via back-config uses the underlying parse_acl() calls; this may
result in calling exit() in case of syntax error.  This is not a security issue
per se, although it may lead to DoS, because access writing needs rootdn
credentials for the config database.  I suspect similar issues may exist when
parsing other legacy data.