[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#7948) mdb_copy insecure permissions
geert@hendrickx.be wrote:
> Full_Name: Geert Hendrickx
> Version: 2.4.39
> OS: centos6
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (212.123.14.2)
>
>
> mdb_copy creates a copy using the default umask. This usually leads to insecure
> (world readable) copies, as typically an LDAP databse is 600 owned by some
> unprivileged ldap user.
The mode has changed to 0600 as of commit 58ddb5527bd4868bb7017cfe2051bc2e24bcf5a8
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/