[Date Prev][Date Next] [Chronological] [Thread] [Top]

ITS#5166

To: openldap-its@OpenLDAP.org
Subject: ITS#5166
From: ando@sys-net.it
Date: Thu, 4 Oct 2007 07:18:24 GMT

I've added a comment in slapadd(8), slapindex(8) about the need to make 
sure commands are either executed with the right identity, or their 
ownership is changed after execution.

As a side note, if any of the tools that access the database (slapacl, 
slapauth, slapcat, slaptest without -u) are run with an empty 
environment, they'll create the environment, of course owned by the 
identity they've been run as.  This is a known problem; they should 
rather refuse to operate if the environment is empty, since they need an 
already set up one.

p.



Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
---------------------------------------
Office:  +39 02 23998309
Mobile:  +39 333 4963172
Email:   pierangelo.masarati@sys-net.it
---------------------------------------

Prev by Date: (ITS#5167) Contribution of section for admin guide covering memberof overlay
Next by Date: Re: (ITS#5166) Wrong DBD's database permissions when slapd starts
Index(es):
- Chronological
- Thread