[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#7948) mdb_copy insecure permissions

geert@hendrickx.be wrote:
> Full_Name: Geert Hendrickx
> Version: 2.4.39
> OS: centos6
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (
> mdb_copy creates a copy using the default umask.  This usually leads to insecure
> (world readable) copies, as typically an LDAP databse is 600 owned by some
> unprivileged ldap user.

The mode has changed to 0600 as of commit 58ddb5527bd4868bb7017cfe2051bc2e24bcf5a8

   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/